diff --git a/thys/Independence_CH/Cardinal_Preservation.thy b/thys/Independence_CH/Cardinal_Preservation.thy --- a/thys/Independence_CH/Cardinal_Preservation.thy +++ b/thys/Independence_CH/Cardinal_Preservation.thy @@ -1,488 +1,481 @@ section\Preservation of cardinals in generic extensions\ theory Cardinal_Preservation imports Forcing_Main begin context forcing_data1 begin lemma antichain_abs' [absolut]: - "\ A\M \ \ antichain\<^bsup>M\<^esup>(P,leq,A) \ antichain(P,leq,A)" + "\ A\M \ \ antichain\<^bsup>M\<^esup>(\,leq,A) \ antichain(\,leq,A)" unfolding antichain_rel_def antichain_def compat_def using transitivity[of _ A] by (auto simp add:absolut) lemma inconsistent_imp_incompatible: - assumes "p \ \ env" "q \ Neg(\) env" "p\P" "q\P" + assumes "p \ \ env" "q \ Neg(\) env" "p\\" "q\\" "arity(\) \ length(env)" "\ \ formula" "env \ list(M)" shows "p \ q" proof assume "compat(p,q)" then - obtain d where "d \ p" "d \ q" "d \ P" by blast + obtain d where "d \ p" "d \ q" "d \ \" by blast moreover note assms moreover from calculation have "d \ \ env" "d \ Neg(\) env" using strengthening_lemma by simp_all ultimately show "False" using Forces_Neg[of d env \] refl_leq by (auto dest:transitivity; drule_tac bspec; auto dest:transitivity) qed notation check (\_\<^sup>v\ [101] 100) end \ \\<^locale>\forcing_data1\\ locale G_generic2 = G_generic1 + forcing_data2 locale G_generic2_AC = G_generic1_AC + G_generic2 locale G_generic3 = G_generic2 + forcing_data3 locale G_generic3_AC = G_generic2_AC + G_generic3 locale G_generic3_AC_CH = G_generic3_AC + M_ZFC2_ground_CH_trans sublocale G_generic3_AC \ ext:M_ZFC2_trans "M[G]" using ground_replacements3 replacement_assm_MG by unfold_locales simp_all lemma (in forcing_data1) forces_neq_apply_imp_incompatible: assumes "p \ \0`1 is 2\ [f,a,b\<^sup>v]" "q \ \0`1 is 2\ [f,a,b'\<^sup>v]" "b \ b'" \ \More general version: taking general names \<^term>\b\<^sup>v\ and \<^term>\b'\<^sup>v\, satisfying \<^term>\p \ \\\0 = 1\\ [b\<^sup>v, b'\<^sup>v]\ and \<^term>\q \ \\\0 = 1\\ [b\<^sup>v, b'\<^sup>v]\.\ and - types:"f\M" "a\M" "b\M" "b'\M" "p\P" "q\P" + types:"f\M" "a\M" "b\M" "b'\M" "p\\" "q\\" shows "p \ q" proof - { fix G assume "M_generic(G)" then interpret G_generic1 _ _ _ _ _ G by unfold_locales include G_generic1_lemmas assume "q\G" with assms \M_generic(G)\ have "M[G], map(val(G),[f,a,b'\<^sup>v]) \ \0`1 is 2\" using truth_lemma[of "\0`1 is 2\" "[f,a,b'\<^sup>v]"] by (auto simp add:ord_simp_union arity_fun_apply_fm fun_apply_type) with \b \ b'\ types have "M[G], map(val(G),[f,a,b\<^sup>v]) \ \\\0`1 is 2\\" using GenExtI by auto } with types have "q \ \\\0`1 is 2\\ [f,a,b\<^sup>v]" using definition_of_forcing[where \="\\\0`1 is 2\\" ] by (auto simp add:ord_simp_union arity_fun_apply_fm) with \p \ \0`1 is 2\ [f,a,b\<^sup>v]\ and types show "p \ q" using inconsistent_imp_incompatible by (simp add:ord_simp_union arity_fun_apply_fm fun_apply_type) qed context M_ctm2_AC begin \ \Simplifying simp rules (because of the occurrence of \<^term>\setclass\)\ lemmas sharp_simps = Card_rel_Union Card_rel_cardinal_rel Collect_abs Cons_abs Cons_in_M_iff Diff_closed Equal_abs Equal_in_M_iff Finite_abs Forall_abs Forall_in_M_iff Inl_abs Inl_in_M_iff Inr_abs Inr_in_M_iff Int_closed Inter_abs Inter_closed M_nat Member_abs Member_in_M_iff Memrel_closed Nand_abs Nand_in_M_iff Nil_abs Nil_in_M Ord_cardinal_rel Pow_rel_closed Un_closed Union_abs Union_closed and_abs and_closed apply_abs apply_closed bij_rel_closed bijection_abs bool_of_o_abs bool_of_o_closed cadd_rel_0 cadd_rel_closed cardinal_rel_0_iff_0 cardinal_rel_closed cardinal_rel_idem cartprod_abs cartprod_closed cmult_rel_0 cmult_rel_1 cmult_rel_closed comp_closed composition_abs cons_abs cons_closed converse_abs converse_closed csquare_lam_closed csquare_rel_closed depth_closed domain_abs domain_closed eclose_abs eclose_closed empty_abs field_abs field_closed finite_funspace_closed - finite_ordinal_abs formula_N_abs formula_N_closed formula_abs - formula_case_abs formula_case_closed formula_closed - formula_functor_abs fst_closed function_abs function_space_rel_closed + finite_ordinal_abs fst_closed function_abs function_space_rel_closed hd_abs image_abs image_closed inj_rel_closed injection_abs inter_abs - irreflexive_abs is_depth_apply_abs is_eclose_n_abs is_funspace_abs - iterates_closed length_abs length_closed lepoll_rel_refl - limit_ordinal_abs linear_rel_abs list_N_abs list_N_closed list_abs - list_case'_closed list_case_abs list_closed list_functor_abs - mem_bij_abs mem_eclose_abs mem_inj_abs mem_list_abs membership_abs + irreflexive_abs is_eclose_n_abs is_funspace_abs + iterates_closed length_closed lepoll_rel_refl + limit_ordinal_abs linear_rel_abs + mem_bij_abs mem_eclose_abs mem_inj_abs membership_abs minimum_closed nat_case_abs nat_case_closed nonempty not_abs - not_closed nth_abs number1_abs number2_abs number3_abs omega_abs + not_closed number1_abs number2_abs number3_abs omega_abs or_abs or_closed order_isomorphism_abs ordermap_closed ordertype_closed ordinal_abs pair_abs pair_in_M_iff powerset_abs pred_closed pred_set_abs quasilist_abs quasinat_abs radd_closed rall_abs range_abs range_closed relation_abs restrict_closed restriction_abs rex_abs rmult_closed rtrancl_abs rtrancl_closed rvimage_closed separation_closed setdiff_abs singleton_abs singleton_in_M_iff snd_closed strong_replacement_closed subset_abs succ_in_M_iff successor_abs successor_ordinal_abs sum_abs sum_closed surj_rel_closed surjection_abs tl_abs trancl_abs trancl_closed transitive_rel_abs transitive_set_abs typed_function_abs union_abs upair_abs upair_in_M_iff vimage_abs vimage_closed well_ord_abs - mem_formula_abs nth_closed Aleph_rel_closed csucc_rel_closed + nth_closed Aleph_rel_closed csucc_rel_closed Card_rel_Aleph_rel declare sharp_simps[simp del, simplified setclass_iff, simp] lemmas sharp_intros = nat_into_M Aleph_rel_closed Card_rel_Aleph_rel declare sharp_intros[rule del, simplified setclass_iff, intro] end \ \\<^locale>\M_ctm2_AC\\ context G_generic3_AC begin context includes G_generic1_lemmas begin lemmas mg_sharp_simps = ext.Card_rel_Union ext.Card_rel_cardinal_rel ext.Collect_abs ext.Cons_abs ext.Cons_in_M_iff ext.Diff_closed ext.Equal_abs ext.Equal_in_M_iff ext.Finite_abs ext.Forall_abs ext.Forall_in_M_iff ext.Inl_abs ext.Inl_in_M_iff ext.Inr_abs ext.Inr_in_M_iff ext.Int_closed ext.Inter_abs ext.Inter_closed ext.M_nat ext.Member_abs ext.Member_in_M_iff ext.Memrel_closed ext.Nand_abs ext.Nand_in_M_iff ext.Nil_abs ext.Nil_in_M ext.Ord_cardinal_rel ext.Pow_rel_closed ext.Un_closed ext.Union_abs ext.Union_closed ext.and_abs ext.and_closed ext.apply_abs ext.apply_closed ext.bij_rel_closed ext.bijection_abs ext.bool_of_o_abs ext.bool_of_o_closed ext.cadd_rel_0 ext.cadd_rel_closed ext.cardinal_rel_0_iff_0 ext.cardinal_rel_closed ext.cardinal_rel_idem ext.cartprod_abs ext.cartprod_closed ext.cmult_rel_0 ext.cmult_rel_1 ext.cmult_rel_closed ext.comp_closed ext.composition_abs ext.cons_abs ext.cons_closed ext.converse_abs ext.converse_closed ext.csquare_lam_closed ext.csquare_rel_closed ext.depth_closed ext.domain_abs ext.domain_closed ext.eclose_abs ext.eclose_closed ext.empty_abs ext.field_abs ext.field_closed - ext.finite_funspace_closed ext.finite_ordinal_abs ext.formula_N_abs - ext.formula_N_closed ext.formula_abs ext.formula_case_abs - ext.formula_case_closed ext.formula_closed ext.formula_functor_abs + ext.finite_funspace_closed ext.finite_ordinal_abs ext.fst_closed ext.function_abs ext.function_space_rel_closed ext.hd_abs ext.image_abs ext.image_closed ext.inj_rel_closed ext.injection_abs ext.inter_abs ext.irreflexive_abs - ext.is_depth_apply_abs ext.is_eclose_n_abs ext.is_funspace_abs - ext.iterates_closed ext.length_abs ext.length_closed + ext.is_eclose_n_abs ext.is_funspace_abs + ext.iterates_closed ext.length_closed ext.lepoll_rel_refl ext.limit_ordinal_abs ext.linear_rel_abs - ext.list_N_abs ext.list_N_closed ext.list_abs - ext.list_case'_closed ext.list_case_abs ext.list_closed - ext.list_functor_abs ext.mem_bij_abs ext.mem_eclose_abs - ext.mem_inj_abs ext.mem_list_abs ext.membership_abs + ext.mem_bij_abs ext.mem_eclose_abs + ext.mem_inj_abs ext.membership_abs ext.nat_case_abs ext.nat_case_closed - ext.nonempty ext.not_abs ext.not_closed ext.nth_abs + ext.nonempty ext.not_abs ext.not_closed ext.number1_abs ext.number2_abs ext.number3_abs ext.omega_abs ext.or_abs ext.or_closed ext.order_isomorphism_abs ext.ordermap_closed ext.ordertype_closed ext.ordinal_abs ext.pair_abs ext.pair_in_M_iff ext.powerset_abs ext.pred_closed ext.pred_set_abs ext.quasilist_abs ext.quasinat_abs ext.radd_closed ext.rall_abs ext.range_abs ext.range_closed ext.relation_abs ext.restrict_closed ext.restriction_abs ext.rex_abs ext.rmult_closed ext.rtrancl_abs ext.rtrancl_closed ext.rvimage_closed ext.separation_closed ext.setdiff_abs ext.singleton_abs ext.singleton_in_M_iff ext.snd_closed ext.strong_replacement_closed ext.subset_abs ext.succ_in_M_iff ext.successor_abs ext.successor_ordinal_abs ext.sum_abs ext.sum_closed ext.surj_rel_closed ext.surjection_abs ext.tl_abs ext.trancl_abs ext.trancl_closed ext.transitive_rel_abs ext.transitive_set_abs ext.typed_function_abs ext.union_abs ext.upair_abs ext.upair_in_M_iff ext.vimage_abs ext.vimage_closed - ext.well_ord_abs ext.mem_formula_abs ext.nth_closed ext.Aleph_rel_closed + ext.well_ord_abs ext.nth_closed ext.Aleph_rel_closed ext.csucc_rel_closed ext.Card_rel_Aleph_rel \ \The following was motivated by the fact that @{thm [source] ext.apply_closed} did not simplify appropriately.\ declare mg_sharp_simps[simp del, simplified setclass_iff, simp] lemmas mg_sharp_intros = ext.nat_into_M ext.Aleph_rel_closed ext.Card_rel_Aleph_rel declare mg_sharp_intros[rule del, simplified setclass_iff, intro] \ \Kunen IV.2.31\ lemma forces_below_filter: assumes "M[G], map(val(G),env) \ \" "p \ G" "arity(\) \ length(env)" "\ \ formula" "env \ list(M)" shows "\q\G. q \ p \ q \ \ env" proof - note assms moreover from this obtain r where "r \ \ env" "r\G" using generic truth_lemma[of \ env] by blast moreover from this and \p\G\ obtain q where "q \ p" "q \ r" "q \ G" by auto ultimately show ?thesis using strengthening_lemma[of r \ _ env] by blast qed subsection\Preservation by ccc forcing notions\ lemma ccc_fun_closed_lemma_aux: assumes "f_dot\M" "p\M" "a\M" "b\M" - shows "{q \ P . q \ p \ (M, [q, P, leq, \, f_dot, a\<^sup>v, b\<^sup>v] \ forces(\0`1 is 2\ ))} \ M" + shows "{q \ \ . q \ p \ (M, [q, \, leq, \, f_dot, a\<^sup>v, b\<^sup>v] \ forces(\0`1 is 2\ ))} \ M" using separation_forces[where env="[f_dot, a\<^sup>v, b\<^sup>v]" and \="\0`1 is 2\",simplified] assms G_subset_M[THEN subsetD] generic separation_in lam_replacement_constant lam_replacement_identity lam_replacement_product separation_conj arity_fun_apply_fm union_abs1 by simp_all lemma ccc_fun_closed_lemma_aux2: assumes "B\M" "f_dot\M" "p\M" "a\M" - shows "(##M)(\b\B. {q \ P . q \ p \ (M, [q, P, leq, \, f_dot, a\<^sup>v, b\<^sup>v] \ forces(\0`1 is 2\ ))})" + shows "(##M)(\b\B. {q \ \ . q \ p \ (M, [q, \, leq, \, f_dot, a\<^sup>v, b\<^sup>v] \ forces(\0`1 is 2\ ))})" proof - - have "separation(##M, \z. M, [snd(z), P, leq, \, f_dot, \, fst(z)\<^sup>v] \ forces(\0`1 is 2\ ))" + have "separation(##M, \z. M, [snd(z), \, leq, \, f_dot, \, fst(z)\<^sup>v] \ forces(\0`1 is 2\ ))" if "\\M" for \ proof - let ?f_fm="snd_fm(1,0)" let ?g_fm="hcomp_fm(check_fm(6),fst_fm,2,0)" note assms moreover have "arity(forces(\0`1 is 2\ )) \ 7" using arity_fun_apply_fm union_abs1 arity_forces[of "\0`1 is 2\ "] by simp moreover have "?f_fm \ formula" "arity(?f_fm) \ 7" "?g_fm \ formula" "arity(?g_fm) \ 8" using ord_simp_union unfolding hcomp_fm_def by (simp_all add:arity) ultimately show ?thesis using separation_sat_after_function assms that sats_fst_fm snd_abs sats_snd_fm sats_check_fm check_abs fst_abs unfolding hcomp_fm_def by simp qed with assms show ?thesis using lam_replacement_imp_lam_closed separation_conj separation_in lam_replacement_product lam_replacement_constant transitivity[of _ B] lam_replacement_snd lam_replacement_Collect' ccc_fun_closed_lemma_aux by simp qed lemma ccc_fun_closed_lemma: assumes "A\M" "B\M" "f_dot\M" "p\M" - shows "(\a\A. {b\B. \q\P. q \ p \ (q \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v])}) \ M" + shows "(\a\A. {b\B. \q\\. q \ p \ (q \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v])}) \ M" proof - - have "separation(##M, \z. M, [snd(z), P, leq, \, f_dot, fst(fst(z))\<^sup>v, snd(fst(z))\<^sup>v] \ forces(\0`1 is 2\ ))" + have "separation(##M, \z. M, [snd(z), \, leq, \, f_dot, fst(fst(z))\<^sup>v, snd(fst(z))\<^sup>v] \ forces(\0`1 is 2\ ))" proof - let ?f_fm="snd_fm(1,0)" let ?g="\z . fst(fst(fst(z)))\<^sup>v" let ?g_fm="hcomp_fm(check_fm(6),hcomp_fm(fst_fm,fst_fm),2,0)" let ?h_fm="hcomp_fm(check_fm(7),hcomp_fm(snd_fm,fst_fm),3,0)" note assms moreover have "arity(forces(\0`1 is 2\ )) \ 7" using arity_fun_apply_fm union_abs1 arity_forces[of "\0`1 is 2\ "] by simp moreover have "?f_fm \ formula" "arity(?f_fm) \ 6" "?g_fm \ formula" "arity(?g_fm) \ 7" "?h_fm \ formula" "arity(?h_fm) \ 8" using ord_simp_union unfolding hcomp_fm_def by (simp_all add:arity) ultimately show ?thesis using separation_sat_after_function3 assms sats_check_fm check_abs fst_abs snd_abs unfolding hcomp_fm_def by simp qed moreover - have 1:"separation(##M, \z. M, [snd(z), P, leq, \, f_dot, \, fst(z)\<^sup>v] \ forces(\0`1 is 2\ ))" + have 1:"separation(##M, \z. M, [snd(z), \, leq, \, f_dot, \, fst(z)\<^sup>v] \ forces(\0`1 is 2\ ))" if "\\M" for \ proof - let ?f_fm="snd_fm(1,0)" let ?g_fm="hcomp_fm(check_fm(6),fst_fm,2,0)" note assms moreover have "arity(forces(\0`1 is 2\ )) \ 7" using arity_forces[of "\0`1 is 2\ "] arity_fun_apply_fm union_abs1 by simp moreover have "?f_fm \ formula" "arity(?f_fm) \ 7" "?g_fm \ formula" "arity(?g_fm) \ 8" using ord_simp_union unfolding hcomp_fm_def by (simp_all add:arity) ultimately show ?thesis using separation_sat_after_function that fst_abs snd_abs sats_check_fm check_abs unfolding hcomp_fm_def by simp qed moreover note assms ultimately show ?thesis using lam_replacement_imp_lam_closed lam_replacement_Collect' transitivity[of _ A] lam_replacement_constant lam_replacement_identity lam_replacement_snd lam_replacement_product separation_conj separation_in separation_bex separation_iff' by simp qed \ \Kunen IV.3.5\ lemma ccc_fun_approximation_lemma: notes le_trans[trans] - assumes "ccc\<^bsup>M\<^esup>(P,leq)" "A\M" "B\M" "f\M[G]" "f : A \ B" + assumes "ccc\<^bsup>M\<^esup>(\,leq)" "A\M" "B\M" "f\M[G]" "f : A \ B" shows "\F\M. F : A \ Pow\<^bsup>M\<^esup>(B) \ (\a\A. f`a \ F`a \ |F`a|\<^bsup>M\<^esup> \ \)" proof - from \f\M[G]\ obtain f_dot where "f = val(G,f_dot)" "f_dot\M" using GenExtD by force with assms obtain p where "p \ \0:1\2\ [f_dot, A\<^sup>v, B\<^sup>v]" "p\G" "p\M" using G_subset_M truth_lemma[of "\0:1\2\" "[f_dot, A\<^sup>v, B\<^sup>v]"] by (auto simp add:ord_simp_union arity_typed_function_fm \ \NOTE: type-checking is not performed here by the Simplifier\ typed_function_type) - define F where "F\\a\A. {b\B. \q\P. q \ p \ (q \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v])}" + define F where "F\\a\A. {b\B. \q\\. q \ p \ (q \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v])}" from assms \f_dot\_\ \p\M\ have "F \ M" unfolding F_def using ccc_fun_closed_lemma by simp moreover from calculation have "f`a \ F`a" if "a \ A" for a proof - note \f: A \ B\ \a \ A\ moreover from this have "f ` a \ B" by simp moreover note \f\M[G]\ \A\M\ moreover from calculation have "M[G], [f, a, f`a] \ \0`1 is 2\" by (auto dest:transitivity) moreover note \B\M\ \f = val(G,f_dot)\ moreover from calculation have "a\M" "val(G, f_dot)`a\M" by (auto dest:transitivity) moreover note \f_dot\M\ \p\G\ ultimately obtain q where "q \ p" "q \ \0`1 is 2\ [f_dot, a\<^sup>v, (f`a)\<^sup>v]" "q\G" using forces_below_filter[of "\0`1 is 2\" "[f_dot, a\<^sup>v, (f`a)\<^sup>v]" p] by (auto simp add: ord_simp_union arity_fun_apply_fm fun_apply_type) with \f`a \ B\ - have "f`a \ {b\B . \q\P. q \ p \ q \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v]}" + have "f`a \ {b\B . \q\\. q \ p \ q \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v]}" by blast with \a\A\ show ?thesis unfolding F_def by simp qed moreover have "|F`a|\<^bsup>M\<^esup> \ \ \ F`a\M" if "a \ A" for a proof - - let ?Q="\b. {q\P. q \ p \ (q \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v])}" + let ?Q="\b. {q\\. q \ p \ (q \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v])}" from \F \ M\ \a\A\ \A\M\ have "F`a \ M" "a\M" using transitivity[OF _ \A\M\] by simp_all moreover have 2:"\x. x\F`a \ x\M" using transitivity[OF _ \F`a\M\] by simp moreover have 3:"\x. x\F`a \ (##M)(?Q(x))" using ccc_fun_closed_lemma_aux[OF \f_dot\M\ \p\M\ \a\M\ 2] transitivity[of _ "F`a"] by simp moreover - have 4:"lam_replacement(##M,\b. {q \ P . q \ p \ (M, [q, P, leq, \, f_dot, a\<^sup>v, b\<^sup>v] \ forces(\0`1 is 2\ ))})" + have 4:"lam_replacement(##M,\b. {q \ \ . q \ p \ (M, [q, \, leq, \, f_dot, a\<^sup>v, b\<^sup>v] \ forces(\0`1 is 2\ ))})" using ccc_fun_closed_lemma_aux2[OF _ \f_dot\M\ \p\M\ \a\M\] lam_replacement_iff_lam_closed[THEN iffD2] ccc_fun_closed_lemma_aux[OF \f_dot\M\ \p\M\ \a\M\] by simp ultimately interpret M_Pi_assumptions_choice "##M" "F`a" ?Q using Pi_replacement1[OF _ 3] lam_replacement_Sigfun[OF 4] lam_replacement_imp_strong_replacement ccc_fun_closed_lemma_aux[OF \f_dot\M\ \p\M\ \a\M\] lam_replacement_hcomp2[OF lam_replacement_constant 4 _ _ lam_replacement_minimum,unfolded lam_replacement_def] by unfold_locales simp_all from \F`a \ M\ - interpret M_Pi_assumptions2 "##M" "F`a" ?Q "\_ . P" + interpret M_Pi_assumptions2 "##M" "F`a" ?Q "\_ . \" using lam_replacement_imp_strong_replacement[OF lam_replacement_Sigfun[OF lam_replacement_constant]] Pi_replacement1 transitivity[of _ "F`a"] by unfold_locales simp_all from \p \ \0:1\2\ [f_dot, A\<^sup>v, B\<^sup>v]\ \a\A\ have "\y. y \ ?Q(b)" if "b \ F`a" for b using that unfolding F_def by auto then obtain q where "q \ Pi\<^bsup>M\<^esup>(F`a,?Q)" "q\M" using AC_Pi_rel by auto moreover note \F`a \ M\ moreover from calculation - have "q : F`a \\<^bsup>M\<^esup> P" + have "q : F`a \\<^bsup>M\<^esup> \" using Pi_rel_weaken_type def_function_space_rel by auto moreover from calculation - have "q : F`a \ range(q)" "q : F`a \ P" "q : F`a \\<^bsup>M\<^esup> range(q)" + have "q : F`a \ range(q)" "q : F`a \ \" "q : F`a \\<^bsup>M\<^esup> range(q)" using mem_function_space_rel_abs range_of_fun by simp_all moreover have "q`b \ q`c" if "b \ F`a" "c \ F`a" "b \ c" \ \For the next step, if the premise \<^term>\b \ c\ is first, the proof breaks down badly\ for b c proof - from \b \ F`a\ \c \ F`a\ \q \ Pi\<^bsup>M\<^esup>(F`a,?Q)\ \q\M\ have "q`b \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v]" "q`c \ \0`1 is 2\ [f_dot, a\<^sup>v, c\<^sup>v]" using mem_Pi_rel_abs[of q] apply_type[of _ _ ?Q] by simp_all - with \b \ c\ \q : F`a \ P\ \a\A\ \b\_\ \c\_\ + with \b \ c\ \q : F`a \ \\ \a\A\ \b\_\ \c\_\ \A\M\ \f_dot\M\ \F`a\M\ show ?thesis using forces_neq_apply_imp_incompatible transitivity[of _ A] transitivity[of _ "F`a"] by auto qed moreover from calculation - have "antichain(P,leq,range(q))" - using Pi_range_eq[of _ _ "\_ . P"] + have "antichain(\,leq,range(q))" + using Pi_range_eq[of _ _ "\_ . \"] unfolding antichain_def compat_in_def by auto moreover from this and \q\M\ - have "antichain\<^bsup>M\<^esup>(P,leq,range(q))" + have "antichain\<^bsup>M\<^esup>(\,leq,range(q))" by (simp add:absolut del:P_in_M) moreover from calculation have "q`b \ q`c" if "b \ c" "b \ F`a" "c \ F`a" for b c using that Incompatible_imp_not_eq apply_type mem_function_space_rel_abs by simp ultimately have "q \ inj\<^bsup>M\<^esup>(F`a,range(q))" using def_inj_rel by auto with \F`a \ M\ \q\M\ have "|F`a|\<^bsup>M\<^esup> \ |range(q)|\<^bsup>M\<^esup>" using def_lepoll_rel by (rule_tac lepoll_rel_imp_cardinal_rel_le) auto - also from \antichain\<^bsup>M\<^esup>(P,leq,range(q))\ \ccc\<^bsup>M\<^esup>(P,leq)\ \q\M\ + also from \antichain\<^bsup>M\<^esup>(\,leq,range(q))\ \ccc\<^bsup>M\<^esup>(\,leq)\ \q\M\ have "|range(q)|\<^bsup>M\<^esup> \ \" using def_ccc_rel by simp finally show ?thesis using \F`a\M\ by auto qed moreover from this have "F`a\M" if "a\A" for a using that by simp moreover from this \B\M\ have "F : A \ Pow\<^bsup>M\<^esup>(B)" using Pow_rel_char unfolding F_def by (rule_tac lam_type) auto ultimately show ?thesis by auto qed end \ \G\_generic1\_lemmas bundle\ end \ \\<^locale>\G_generic3_AC\\ end \ No newline at end of file diff --git a/thys/Independence_CH/Choice_Axiom.thy b/thys/Independence_CH/Choice_Axiom.thy --- a/thys/Independence_CH/Choice_Axiom.thy +++ b/thys/Independence_CH/Choice_Axiom.thy @@ -1,322 +1,322 @@ section\The Axiom of Choice in $M[G]$\ theory Choice_Axiom imports Powerset_Axiom Extensionality_Axiom Foundation_Axiom Replacement_Axiom Infinity_Axiom begin definition upair_name :: "i \ i \ i \ i" where "upair_name(\,\,on) \ Upair(\\,on\,\\,on\)" definition opair_name :: "i \ i \ i \ i" where "opair_name(\,\,on) \ upair_name(upair_name(\,\,on),upair_name(\,\,on),on)" definition induced_surj :: "i\i\i\i" where "induced_surj(f,a,e) \ f-``(range(f)-a)\{e} \ restrict(f,f-``a)" lemma domain_induced_surj: "domain(induced_surj(f,a,e)) = domain(f)" unfolding induced_surj_def using domain_restrict domain_of_prod by auto lemma range_restrict_vimage: assumes "function(f)" shows "range(restrict(f,f-``a)) \ a" proof from assms have "function(restrict(f,f-``a))" using function_restrictI by simp fix y assume "y \ range(restrict(f,f-``a))" then obtain x where "\x,y\ \ restrict(f,f-``a)" "x \ f-``a" "x\domain(f)" using domain_restrict domainI[of _ _ "restrict(f,f-``a)"] by auto moreover note \function(restrict(f,f-``a))\ ultimately have "y = restrict(f,f-``a)`x" using function_apply_equality by blast also from \x \ f-``a\ have "restrict(f,f-``a)`x = f`x" by simp finally have "y = f`x" . moreover from assms \x\domain(f)\ have "\x,f`x\ \ f" using function_apply_Pair by auto moreover note assms \x \ f-``a\ ultimately show "y\a" using function_image_vimage[of f a] by auto qed lemma induced_surj_type: assumes "function(f)" (* "relation(f)" (* a function can contain non-pairs *) *) shows "induced_surj(f,a,e): domain(f) \ {e} \ a" and "x \ f-``a \ induced_surj(f,a,e)`x = f`x" proof - let ?f1="f-``(range(f)-a) \ {e}" and ?f2="restrict(f, f-``a)" have "domain(?f2) = domain(f) \ f-``a" using domain_restrict by simp moreover from assms have "domain(?f1) = f-``(range(f))-f-``a" using domain_of_prod function_vimage_Diff by simp ultimately have "domain(?f1) \ domain(?f2) = 0" by auto moreover have "function(?f1)" "relation(?f1)" "range(?f1) \ {e}" unfolding function_def relation_def range_def by auto moreover from this and assms have "?f1: domain(?f1) \ range(?f1)" using function_imp_Pi by simp moreover from assms have "?f2: domain(?f2) \ range(?f2)" using function_imp_Pi[of "restrict(f, f -`` a)"] function_restrictI by simp moreover from assms have "range(?f2) \ a" using range_restrict_vimage by simp ultimately have "induced_surj(f,a,e): domain(?f1) \ domain(?f2) \ {e} \ a" unfolding induced_surj_def using fun_is_function fun_disjoint_Un fun_weaken_type by simp moreover have "domain(?f1) \ domain(?f2) = domain(f)" using domain_restrict domain_of_prod by auto ultimately show "induced_surj(f,a,e): domain(f) \ {e} \ a" by simp assume "x \ f-``a" then have "?f2`x = f`x" using restrict by simp moreover from \x \ f-``a\ \domain(?f1) = _\ have "x \ domain(?f1)" by simp ultimately show "induced_surj(f,a,e)`x = f`x" unfolding induced_surj_def using fun_disjoint_apply2[of x ?f1 ?f2] by simp qed lemma induced_surj_is_surj : assumes "e\a" "function(f)" "domain(f) = \" "\y. y \ a \ \x\\. f ` x = y" shows "induced_surj(f,a,e) \ surj(\,a)" unfolding surj_def proof (intro CollectI ballI) from assms show "induced_surj(f,a,e): \ \ a" using induced_surj_type[of f a e] cons_eq cons_absorb by simp fix y assume "y \ a" with assms have "\x\\. f ` x = y" by simp then obtain x where "x\\" "f ` x = y" by auto with \y\a\ assms have "x\f-``a" using vimage_iff function_apply_Pair[of f x] by auto with \f ` x = y\ assms have "induced_surj(f, a, e) ` x = y" using induced_surj_type by simp with \x\\\ show "\x\\. induced_surj(f, a, e) ` x = y" by auto qed lemma (in M_ZF1_trans) upair_name_closed : "\ x\M; y\M ; o\M\ \ upair_name(x,y,o)\M" unfolding upair_name_def using upair_in_M_iff pair_in_M_iff Upair_eq_cons by simp context G_generic1 begin lemma val_upair_name : "val(G,upair_name(\,\,\)) = {val(G,\),val(G,\)}" unfolding upair_name_def using val_Upair Upair_eq_cons generic one_in_G by simp lemma val_opair_name : "val(G,opair_name(\,\,\)) = \val(G,\),val(G,\)\" unfolding opair_name_def Pair_def using val_upair_name by simp lemma val_RepFun_one: "val(G,{\f(x),\\ . x\a}) = {val(G,f(x)) . x\a}" proof - let ?A = "{f(x) . x \ a}" let ?Q = "\\x,p\ . p = \" - have "\ \ P\G" using generic one_in_G one_in_P by simp - have "{\f(x),\\ . x \ a} = {t \ ?A \ P . ?Q(t)}" + have "\ \ \\G" using generic one_in_G one_in_P by simp + have "{\f(x),\\ . x \ a} = {t \ ?A \ \ . ?Q(t)}" using one_in_P by force then - have "val(G,{\f(x),\\ . x \ a}) = val(G,{t \ ?A \ P . ?Q(t)})" + have "val(G,{\f(x),\\ . x \ a}) = val(G,{t \ ?A \ \ . ?Q(t)})" by simp also - have "... = {z . t \ ?A , (\p\P\G . ?Q(\t,p\)) \ z= val(G,t)}" + have "... = {z . t \ ?A , (\p\\\G . ?Q(\t,p\)) \ z= val(G,t)}" using val_of_name_alt by simp - also from \\\P\G\ + also from \\\\\G\ have "... = {val(G,t) . t \ ?A }" by force also have "... = {val(G,f(x)) . x \ a}" by auto finally show ?thesis by simp qed end\ \\<^locale>\G_generic1\\ subsection\$M[G]$ is a transitive model of ZF\ sublocale G_generic1 \ ext:M_Z_trans "M[G]" using Transset_MG generic pairing_in_MG Union_MG extensionality_in_MG power_in_MG foundation_in_MG replacement_assm_MG separation_in_MG infinity_in_MG replacement_ax1 by unfold_locales lemma (in M_replacement) upair_name_lam_replacement : "M(z) \ lam_replacement(M,\x . upair_name(fst(x),snd(x),z))" using lam_replacement_Upair[THEN [5] lam_replacement_hcomp2] lam_replacement_product lam_replacement_fst lam_replacement_snd lam_replacement_constant unfolding upair_name_def by simp lemma (in forcing_data1) repl_opname_check : assumes "A\M" "f\M" shows "{opair_name(check(x),f`x,\). x\A}\M" using assms lam_replacement_constant check_lam_replacement lam_replacement_identity upair_name_lam_replacement[THEN [5] lam_replacement_hcomp2] lam_replacement_apply2[THEN [5] lam_replacement_hcomp2] lam_replacement_imp_strong_replacement_aux transitivity RepFun_closed upair_name_closed apply_closed unfolding opair_name_def by simp theorem (in G_generic1) choice_in_MG: assumes "choice_ax(##M)" shows "choice_ax(##M[G])" proof - { fix a assume "a\M[G]" then obtain \ where "\\M" "val(G,\) = a" using GenExt_def by auto with \\\M\ have "domain(\)\M" using domain_closed by simp then obtain s \ where "s\surj(\,domain(\))" "Ord(\)" "s\M" "\\M" using assms choice_ax_abs by auto then have "\\M[G]" using M_subset_MG generic one_in_G subsetD by blast - let ?A="domain(\)\P" + let ?A="domain(\)\\" let ?g = "{opair_name(check(\),s`\,\). \\\}" have "?g \ M" using \s\M\ \\\M\ repl_opname_check by simp let ?f_dot="{\opair_name(check(\),s`\,\),\\. \\\}" have "?f_dot = ?g \ {\}" by blast define f where "f \ val(G,?f_dot)" from \?g\M\ \?f_dot = ?g\{\}\ have "?f_dot\M" using cartprod_closed singleton_closed by simp then have "f \ M[G]" unfolding f_def by (blast intro:GenExtI) have "f = {val(G,opair_name(check(\),s`\,\)) . \\\}" unfolding f_def using val_RepFun_one by simp also have "... = {\\,val(G,s`\)\ . \\\}" using val_opair_name val_check generic one_in_G one_in_P by simp finally have "f = {\\,val(G,s`\)\ . \\\}" . then have 1: "domain(f) = \" "function(f)" unfolding function_def by auto have 2: "y \ a \ \x\\. f ` x = y" for y proof - fix y assume "y \ a" with \val(G,\) = a\ obtain \ where "\\domain(\)" "val(G,\) = y" using elem_of_val[of y _ \] by blast with \s\surj(\,domain(\))\ obtain \ where "\\\" "s`\ = \" unfolding surj_def by auto with \val(G,\) = y\ have "val(G,s`\) = y" by simp with \f = {\\,val(G,s`\)\ . \\\}\ \\\\\ have "\\,y\\f" by auto with \function(f)\ have "f`\ = y" using function_apply_equality by simp with \\\\\ show "\\\\. f ` \ = y" by auto qed then have "\\\(M[G]). \f'\(M[G]). Ord(\) \ f' \ surj(\,a)" proof (cases "a=0") case True then show ?thesis unfolding surj_def using zero_in_MG by auto next case False with \a\M[G]\ obtain e where "e\a" "e\M[G]" using transitivity_MG by blast with 1 and 2 have "induced_surj(f,a,e) \ surj(\,a)" using induced_surj_is_surj by simp moreover from \f\M[G]\ \a\M[G]\ \e\M[G]\ have "induced_surj(f,a,e) \ M[G]" unfolding induced_surj_def by (simp flip: setclass_iff) moreover note \\\M[G]\ \Ord(\)\ ultimately show ?thesis by auto qed } then show ?thesis using ext.choice_ax_abs by simp qed sublocale G_generic1_AC \ ext:M_ZC_basic "M[G]" using choice_ax choice_in_MG by unfold_locales end \ No newline at end of file diff --git a/thys/Independence_CH/Definitions_Main.thy b/thys/Independence_CH/Definitions_Main.thy --- a/thys/Independence_CH/Definitions_Main.thy +++ b/thys/Independence_CH/Definitions_Main.thy @@ -1,641 +1,640 @@ section\Main definitions of the development\label{sec:main-definitions}\ theory Definitions_Main imports Absolute_Versions begin text\This theory gathers the main definitions of the \<^session>\Transitive_Models\ session and the present one. It might be considered as the bare minimum reading requisite to trust that our development indeed formalizes the theory of forcing. This should be mathematically clear since this is the only known method for obtaining proper extensions of ctms while preserving the ordinals. The main theorem of this session and all of its relevant definitions appear in Section~\ref{sec:def-main-forcing}. The reader trusting all the libraries on which our development is based, might jump directly to Section~\ref{sec:relative-arith}, which treats relative cardinal arithmetic as implemented in \<^session>\Transitive_Models\. But in case one wants to dive deeper, the following sections treat some basic concepts of the ZF logic (Section~\ref{sec:def-main-ZF}) and in the ZF-Constructible library (Section~\ref{sec:def-main-relative}) on which our definitions are built. \ declare [[show_question_marks=false]] subsection\ZF\label{sec:def-main-ZF}\ text\For the basic logic ZF we restrict ourselves to just a few concepts.\ thm bij_def[unfolded inj_def surj_def] text\@{thm [display] bij_def[unfolded inj_def surj_def]}\ (* bij(A, B) \ {f \ A \ B . \w\A. \x\A. f ` w = f ` x \ w = x} \ {f \ A \ B . \y\B. \x\A. f ` x = y} *) thm eqpoll_def text\@{thm [display] eqpoll_def}\ (* A \ B \ \f. f \ bij(A, B) *) thm Transset_def text\@{thm [display] Transset_def}\ (* Transset(i) \ \x\i. x \ i *) thm Ord_def text\@{thm [display] Ord_def}\ (* Ord(i) \ Transset(i) \ (\x\i. Transset(x)) *) thm lt_def le_iff text\@{thm [display] lt_def le_iff}\ (* i < j \ i \ j \ Ord(j) i \ j \ i < j \ i = j \ Ord(j) *) text\With the concepts of empty set and successor in place,\ lemma empty_def': "\x. x \ 0" by simp lemma succ_def': "succ(i) = i \ {i}" by blast text\we can define the set of natural numbers \<^term>\\\. In the sources, it is defined as a fixpoint, but here we just write its characterization as the first limit ordinal.\ thm Limit_nat[unfolded Limit_def] nat_le_Limit[unfolded Limit_def] text\@{thm [display] Limit_nat[unfolded Limit_def] nat_le_Limit[unfolded Limit_def]}\ (* Ord(\) \ 0 < \ \ (\y. y < \ \ succ(y) < \) Ord(i) \ 0 < i \ (\y. y < i \ succ(y) < i) \ \ \ i *) text\Then, addition and predecessor on \<^term>\\\ are inductively characterized as follows:\ thm add_0_right add_succ_right pred_0 pred_succ_eq text\@{thm [display] add_succ_right add_0_right pred_0 pred_succ_eq}\ (* m \ \ \ m +\<^sub>\ 0 = m m +\<^sub>\ succ(n) = succ(m +\<^sub>\ n) pred(0) = 0 pred(succ(y)) = y *) text\Lists on a set \<^term>\A\ can be characterized by being recursively generated from the empty list \<^term>\[]\ and the operation \<^term>\Cons\ that adds a new element to the left end; the induction theorem for them shows that the characterization is “complete”.\ thm Nil Cons list.induct text\@{thm [display] Nil Cons list.induct }\ (* [] \ list(A) a \ A \ l \ list(A) \ Cons(a, l) \ list(A) x \ list(A) \ P([]) \ (\a l. a \ A \ l \ list(A) \ P(l) \ P(Cons(a, l))) \ P(x) *) text\Length, concatenation, and \<^term>\n\th element of lists are recursively characterized as follows.\ thm length.simps app.simps nth_0 nth_Cons text\@{thm [display] length.simps app.simps nth_0 nth_Cons}\ (* length([]) = 0 length(Cons(a, l)) = succ(length(l)) [] @ ys = ys Cons(a, l) @ ys = Cons(a, l @ ys) nth(0, Cons(a, l)) = a n \ \ \ nth(succ(n), Cons(a, l)) = nth(n, l) *) text\We have the usual Haskell-like notation for iterated applications of \<^term>\Cons\:\ lemma Cons_app: "[a,b,c] = Cons(a,Cons(b,Cons(c,[])))" .. text\Relative quantifiers restrict the range of the bound variable to a class \<^term>\M\ of type \<^typ>\i\o\; that is, a truth-valued function with set arguments.\ lemma "\x[M]. P(x) \ \x. M(x) \ P(x)" "\x[M]. P(x) \ \x. M(x) \ P(x)" unfolding rall_def rex_def . text\Finally, a set can be viewed (“cast”) as a class using the following function of type \<^typ>\i\(i\o)\.\ thm setclass_iff text\@{thm [display] setclass_iff}\ (* (##A)(x) \ x \ A *) subsection\Relative concepts\label{sec:def-main-relative}\ text\A list of relative concepts (mostly from the ZF-Constructible library) follows next.\ thm big_union_def text\@{thm [display] big_union_def}\ (* big_union(M, A, z) \ \x[M]. x \ z \ (\y[M]. y \ A \ x \ y) *) thm upair_def text\@{thm [display] upair_def}\ (* upair(M, a, b, z) \ a \ z \ b \ z \ (\x[M]. x \ z \ x = a \ x = b) *) thm pair_def text\@{thm [display] pair_def}\ (* pair(M, a, b, z) \ \x[M]. upair(M, a, a, x) \ (\y[M]. upair(M, a, b, y) \ upair(M, x, y, z)) *) thm successor_def[unfolded is_cons_def union_def] text\@{thm [display] successor_def[unfolded is_cons_def union_def]}\ (* successor(M, a, z) \ \x[M]. upair(M, a, a, x) \ (\xa[M]. xa \ z \ xa \ x \ xa \ a) *) thm empty_def text\@{thm [display] empty_def}\ (* empty(M, z) \ \x[M]. x \ z *) thm transitive_set_def[unfolded subset_def] text\@{thm [display] transitive_set_def[unfolded subset_def]}\ (* transitive_set(M, a) \ \x[M]. x \ a \ (\xa[M]. xa \ x \ xa \ a) *) thm ordinal_def text\@{thm [display] ordinal_def}\ (* ordinal(M, a) \ transitive_set(M, a) \ (\x[M]. x \ a \ transitive_set(M, x)) *) thm image_def text\@{thm [display] image_def}\ (* image(M, r, A, z) \ \y[M]. y \ z \ (\w[M]. w \ r \ (\x[M]. x \ A \ pair(M, x, y, w))) *) thm fun_apply_def text\@{thm [display] fun_apply_def}\ (* fun_apply(M, f, x, y) \ \xs[M]. \fxs[M]. upair(M, x, x, xs) \ image(M, f, xs, fxs) \ big_union(M, fxs, y) *) thm is_function_def text\@{thm [display] is_function_def}\ (* is_function(M, r) \ \x[M]. \y[M]. \y'[M]. \p[M]. \p'[M]. pair(M, x, y, p) \ pair(M, x, y', p') \ p \ r \ p' \ r \ y = y' *) thm is_relation_def text\@{thm [display] is_relation_def}\ (* is_relation(M, r) \ \z[M]. z \ r \ (\x[M]. \y[M]. pair(M, x, y, z)) *) thm is_domain_def text\@{thm [display] is_domain_def}\ (* is_domain(M, r, z) \ \x[M]. x \ z \ (\w[M]. w \ r \ (\y[M]. pair(M, x, y, w))) *) thm typed_function_def text\@{thm [display] typed_function_def}\ (* typed_function(M, A, B, r) \ is_function(M, r) \ is_relation(M, r) \ is_domain(M, r, A) \ (\u[M]. u \ r \ (\x[M]. \y[M]. pair(M, x, y, u) \ y \ B)) *) thm is_function_space_def[unfolded is_funspace_def] function_space_rel_def surjection_def text\@{thm [display] is_function_space_def[unfolded is_funspace_def] function_space_rel_def surjection_def}\ (* is_function_space(M, A, B, fs) \ M(fs) \ (\f[M]. f \ fs \ typed_function(M, A, B, f)) A \\<^bsup>M\<^esup> B \ THE d. is_function_space(M, A, B, d) surjection(M, A, B, f) \ typed_function(M, A, B, f) \ (\y[M]. y \ B \ (\x[M]. x \ A \ is_apply(M, f, x, y))) *) text\Relative version of the $\ZFC$ axioms\ thm extensionality_def text\@{thm [display] extensionality_def}\ (* extensionality(M) \ \x[M]. \y[M]. (\z[M]. z \ x \ z \ y) \ x = y *) thm foundation_ax_def text\@{thm [display] foundation_ax_def}\ (* foundation_ax(M) \ \x[M]. (\y[M]. y \ x) \ (\y[M]. y \ x \ \ (\z[M]. z \ x \ z \ y)) *) thm upair_ax_def text\@{thm [display] upair_ax_def}\ (* upair_ax(M) \ \x[M]. \y[M]. \z[M]. upair(M, x, y, z) *) thm Union_ax_def text\@{thm [display] Union_ax_def}\ (* Union_ax(M) \ \x[M]. \z[M]. \xa[M]. xa \ z \ (\y[M]. y \ x \ xa \ y) *) thm power_ax_def[unfolded powerset_def subset_def] text\@{thm [display] power_ax_def[unfolded powerset_def subset_def]}\ (* power_ax(M) \ \x[M]. \z[M]. \xa[M]. xa \ z \ (\xb[M]. xb \ xa \ xb \ x) *) thm infinity_ax_def text\@{thm [display] infinity_ax_def}\ (* infinity_ax(M) \ \I[M]. (\z[M]. empty(M, z) \ z \ I) \ (\y[M]. y \ I \ (\sy[M]. successor(M, y, sy) \ sy \ I)) *) thm choice_ax_def text\@{thm [display] choice_ax_def}\ (* choice_ax(M) \ \x[M]. \a[M]. \f[M]. ordinal(M, a) \ surjection(M, a, x, f) *) thm separation_def text\@{thm [display] separation_def}\ (* separation(M, P) \ \z[M]. \y[M]. \x[M]. x \ y \ x \ z \ P(x) *) thm univalent_def text\@{thm [display] univalent_def}\ (* univalent(M, A, P) \ \x[M]. x \ A \ (\y[M]. \z[M]. P(x, y) \ P(x, z) \ y = z) *) thm strong_replacement_def text\@{thm [display] strong_replacement_def}\ (* strong_replacement(M, P) \ \A[M]. univalent(M, A, P) \ (\Y[M]. \b[M]. b \ Y \ (\x[M]. x \ A \ P(x, b))) *) text\Internalized formulas\ text\“Codes” for formulas (as sets) are constructed from natural numbers using \<^term>\Member\, \<^term>\Equal\, \<^term>\Nand\, and \<^term>\Forall\.\ thm Member Equal Nand Forall formula.induct text\@{thm [display] Member Equal Nand Forall formula.induct}\ (* x \ \ \ y \ \ \ \x \ y\ \ formula x \ \ \ y \ \ \ \x = y\ \ formula p \ formula \ q \ formula \ \\(p \ q)\ \ formula p \ formula \ (\p) \ formula x \ formula \ (\x y. x \ \ \ y \ \ \ P(\x \ y\)) \ (\x y. x \ \ \ y \ \ \ P(\x = y\)) \ (\p q. p \ formula \ P(p) \ q \ formula \ P(q) \ P(\\(p \ q)\)) \ (\p. p \ formula \ P(p) \ P((\p))) \ P(x) *) text\Definitions for the other connectives and the internal existential quantifier are also provided. For instance, negation:\ thm Neg_def text\@{thm [display] Neg_def}\ (* \\p\ \ \\(p \ p)\ *) thm arity.simps text\@{thm [display] arity.simps}\ (* arity(\x \ y\) = succ(x) \ succ(y) arity(\x = y\) = succ(x) \ succ(y) arity(\\(p \ q)\) = arity(p) \ arity(q) arity((\p)) = pred(arity(p)) *) text\We have the satisfaction relation between $\in$-models and first order formulas (given a “environment” list representing the assignment of free variables),\ thm mem_iff_sats equal_iff_sats sats_Nand_iff sats_Forall_iff text\@{thm [display] mem_iff_sats equal_iff_sats sats_Nand_iff sats_Forall_iff}\ (* nth(i, env) = x \ nth(j, env) = y \ env \ list(A) \ x \ y \ A, env \ \i \ j\ nth(i, env) = x \ nth(j, env) = y \ env \ list(A) \ x = y \ A, env \ \i = j\ env \ list(A) \ (A, env \ \\(p \ q)\) \ \ ((A, env \ p) \ (A, env \ q)) env \ list(A) \ (A, env \ (\\p\)) \ (\x\A. A, Cons(x, env) \ p)*) text\as well as the satisfaction of an arbitrary set of sentences.\ thm satT_def text\@{thm [display] satT_def}\ (* A \ \ \ \\\\. A, [] \ \ *) text\The internalized (viz. as elements of the set \<^term>\formula\) version of the axioms follow next.\ thm ZF_union_iff_sats ZF_power_iff_sats ZF_pairing_iff_sats ZF_foundation_iff_sats ZF_extensionality_iff_sats ZF_infinity_iff_sats sats_ZF_separation_fm_iff sats_ZF_replacement_fm_iff ZF_choice_iff_sats text\@{thm [display] ZF_union_iff_sats ZF_power_iff_sats ZF_pairing_iff_sats ZF_foundation_iff_sats ZF_extensionality_iff_sats ZF_infinity_iff_sats sats_ZF_separation_fm_iff sats_ZF_replacement_fm_iff ZF_choice_iff_sats}\ (* Union_ax(##A) \ A, [] \ \Union Ax\ power_ax(##A) \ A, [] \ \Powerset Ax\ upair_ax(##A) \ A, [] \ \Pairing\ foundation_ax(##A) \ A, [] \ \Foundation\ extensionality(##A) \ A, [] \ \Extensionality\ infinity_ax(##A) \ A, [] \ \Infinity\ \ \ formula \ (M, [] \ \Separation(\)\) \ (\env\list(M). arity(\) \ 1 +\<^sub>\ length(env) \ separation(##M, \x. M, [x] @ env \ \)) \ \ formula \ (M, [] \ \Replacement(\)\) \ (\env. replacement_assm(M, env, \)) choice_ax(##A) \ A, [] \ \AC\ *) text\Above, we use the following:\ thm replacement_assm_def text\@{thm [display] replacement_assm_def}\ (* replacement_assm(M, env, \) \ \ \ formula \ env \ list(M) \ arity(\) \ 2 +\<^sub>\ length(env) \ strong_replacement(##M, \x y. M, [x, y] @ env \ \ *) text\Finally, the axiom sets are defined as follows.\ thm ZF_fin_def ZF_schemes_def Zermelo_fms_def ZC_def ZF_def ZFC_def text\@{thm [display] ZF_fin_def ZF_schemes_def Zermelo_fms_def ZC_def ZF_def ZFC_def}\ (* ZF_fin \ {\Extensionality\, \Foundation\, \Pairing\, \Union Ax\, \Infinity\, \Powerset Ax\} ZF_schemes \ {\Separation(p)\ . p \ formula} \ {\Replacement(p)\ . p \ formula} \Z\ \ ZF_fin \ {\Separation(p)\ . p \ formula} ZC \ \Z\ \ {\AC\} ZF \ ZF_schemes \ ZF_fin ZFC \ ZF \ {\AC\} *) subsection\Relativization of infinitary arithmetic\label{sec:relative-arith}\ text\In order to state the defining property of the relative equipotence relation, we work under the assumptions of the locale \<^term>\M_cardinals\. They comprise a finite set of instances of Separation and Replacement to prove closure properties of the transitive class \<^term>\M\.\ lemma (in M_cardinals) eqpoll_def': assumes "M(A)" "M(B)" shows "A \\<^bsup>M\<^esup> B \ (\f[M]. f \ bij(A,B))" using assms unfolding eqpoll_rel_def by auto text\Below, $\mu$ denotes the minimum operator on the ordinals.\ lemma cardinalities_defs: fixes M::"i\o" shows "|A|\<^bsup>M\<^esup> \ \ i. M(i) \ i \\<^bsup>M\<^esup> A" "Card\<^bsup>M\<^esup>(\) \ \ = |\|\<^bsup>M\<^esup>" "\\<^bsup>\\,M\<^esup> \ |\ \\<^bsup>M\<^esup> \|\<^bsup>M\<^esup>" "(\\<^sup>+)\<^bsup>M\<^esup> \ \ x. M(x) \ Card\<^bsup>M\<^esup>(x) \ \ < x" unfolding cardinal_rel_def cexp_rel_def csucc_rel_def Card_rel_def . context M_aleph begin text\Analogous to the previous Lemma @{thm [source] eqpoll_def'}, we are now under the assumptions of the locale \<^term>\M_aleph\. The axiom instances included are sufficient to state and prove the defining properties of the relativized \<^term>\Aleph\ function (in particular, the required ability to perform transfinite recursions).\ thm Aleph_rel_zero Aleph_rel_succ Aleph_rel_limit text\@{thm [display] Aleph_rel_zero Aleph_rel_succ Aleph_rel_limit}\ (* \\<^bsub>0\<^esub>\<^bsup>M\<^esup> = \ Ord(\) \ M(\) \ \\<^bsub>succ(\)\<^esub>\<^bsup>M\<^esup> = (\\<^bsub>\\<^esub>\<^bsup>M\<^esup>\<^sup>+)\<^bsup>M\<^esup> Limit(\) \ M(\) \ \\<^bsub>\\<^esub>\<^bsup>M\<^esup> = (\j\\. \\<^bsub>j\<^esub>\<^bsup>M\<^esup>) *) end \ \\<^locale>\M_aleph\\ lemma ContHyp_rel_def': fixes N::"i\o" shows "CH\<^bsup>N\<^esup> \ \\<^bsub>1\<^esub>\<^bsup>N\<^esup> = 2\<^bsup>\\\<^bsub>0\<^esub>\<^bsup>N\<^esup>,N\<^esup>" unfolding ContHyp_rel_def . text\Under appropriate hypotheses (this time, from the locale \<^term>\M_ZF_library\), \<^term>\CH\<^bsup>M\<^esup>\ is equivalent to its fully relational version \<^term>\is_ContHyp\. As a sanity check, we see that if the transitive class is indeed \<^term>\\\, we recover the original $\CH$.\ thm M_ZF_library.is_ContHyp_iff is_ContHyp_iff_CH[unfolded ContHyp_def] text\@{thm [display] M_ZF_library.is_ContHyp_iff is_ContHyp_iff_CH[unfolded ContHyp_def]}\ (* M_ZF_library(M) \ is_ContHyp(M) \ CH\<^bsup>M\<^esup> is_ContHyp(\) \ \\<^bsub>1\<^esub> = 2\<^bsup>\\\<^bsub>0\<^esub>\<^esup> *) text\In turn, the fully relational version evaluated on a nonempty transitive \<^term>\A\ is equivalent to the satisfaction of the first-order formula \<^term>\\CH\\.\ thm is_ContHyp_iff_sats text\@{thm [display] is_ContHyp_iff_sats}\ (* env \ list(A) \ 0 \ A \ is_ContHyp(##A) \ A, env \ \CH\ *) subsection\Forcing \label{sec:def-main-forcing}\ text\Our first milestone was to obtain a proper extension using forcing. Its original proof didn't required the previous developments involving the relativization of material on cardinal arithmetic. Now it is derived from a stronger result, namely @{thm [source] extensions_of_ctms} below.\ thm extensions_of_ctms_ZF text\@{thm [display] extensions_of_ctms_ZF}\ (* M \ \ \ Transset(M) \ M \ ZF \ \N. M \ N \ N \ \ \ Transset(N) \ N \ ZF \ M \ N \ (\\. Ord(\) \ \ \ M \ \ \ N) \ ((M, [] \ \AC\) \ N \ ZFC) *) text\We can finally state our main results, namely, the existence of models for $\ZFC + \CH$ and $\ZFC + \neg\CH$ under the assumption of a ctm of $\ZFC$.\ thm ctm_ZFC_imp_ctm_not_CH text\@{thm [display] ctm_ZFC_imp_ctm_not_CH}\ (* M \ \ \ Transset(M) \ M \ ZFC \ \N. M \ N \ N \ \ \ Transset(N) \ N \ ZFC \ {\\\CH\\} \ (\\. Ord(\) \ \ \ M \ \ \ N) *) thm ctm_ZFC_imp_ctm_CH text\@{thm [display] ctm_ZFC_imp_ctm_CH}\ (* M \ \ \ Transset(M) \ M \ ZFC \ \N. M \ N \ N \ \ \ Transset(N) \ N \ ZFC \ {\CH\} \ (\\. Ord(\) \ \ \ M \ \ \ N) *) text\These results can be strengthened by enumerating six finite sets of replacement instances which are sufficient to develop forcing and for the construction of the aforementioned models: \<^term>\instances1_fms\ through \<^term>\instances3_fms\, \<^term>\instances_ground_fms\, and \<^term>\instances_ground_notCH_fms\, which are then collected into the $31$-element set \<^term>\overhead_notCH\. For example, we have:\ thm instances1_fms_def text\@{thm [display] instances1_fms_def}\ (* instances1_fms \ -{ list_repl1_intf_fm, list_repl2_intf_fm, formula_repl1_intf_fm, - formula_repl2_intf_fm, eclose_repl1_intf_fm, eclose_repl2_intf_fm, - wfrec_rank_fm, trans_repl_HVFrom_fm, tl_repl_intf_fm } +{ eclose_repl1_intf_fm, eclose_repl2_intf_fm, + wfrec_rank_fm, trans_repl_HVFrom_fm } *) thm overhead_def overhead_notCH_def text\@{thm [display] overhead_def overhead_notCH_def overhead_CH_def}\ (* overhead \ instances1_fms \ instances_ground_fms overhead_notCH \ overhead \ instances2_fms \ instances3_fms \ instances_ground_notCH_fms *) text\One further instance is needed to force $\CH$, with a total count of $32$ instances:\ thm overhead_CH_def text\@{thm [display] overhead_CH_def}\ (* overhead_CH \ overhead_notCH \ {replacement_dcwit_repl_body_fm} *) thm extensions_of_ctms text\@{thm [display] extensions_of_ctms}\ (* M \ \ \ Transset(M) \ M \ \Z\ \ {\Replacement(p)\ . p \ overhead} \ \ \ formula \ M \ {\Replacement(ground_repl_fm(\))\ . \ \ \} \ \N. M \ N \ N \ \ \ Transset(N) \ M \ N \ (\\. Ord(\) \ \ \ M \ \ \ N) \ ((M, [] \ \AC\) \ N, [] \ \AC\) \ N \ \Z\ \ {\Replacement(\)\ . \ \ \} *) thm ctm_of_not_CH text\@{thm [display] ctm_of_not_CH}\ (* M \ \ \ Transset(M) \ M \ ZC \ {\Replacement(p)\ . p \ overhead_notCH} \ \ \ formula \ M \ {\Replacement(ground_repl_fm(\))\ . \ \ \} \ \N. M \ N \ N \ \ \ Transset(N) \ N \ ZC \ {\\\CH\\} \ {\Replacement(\)\ . \ \ \} \ (\\. Ord(\) \ \ \ M \ \ \ N) *) thm ctm_of_CH text\@{thm [display] ctm_of_CH}\ (* M \ \ \ Transset(M) \ M \ ZC \ {\Replacement(p)\ . p \ overhead_CH} \ \ \ formula \ M \ {\Replacement(ground_repl_fm(\))\ . \ \ \} \ \N. M \ N \ N \ \ \ Transset(N) \ N \ ZC \ {\CH\} \ {\Replacement(\)\ . \ \ \} \ (\\. Ord(\) \ \ \ M \ \ \ N) *) text\In the above three statements, the function \<^term>\ground_repl_fm\ takes an element \<^term>\\\ of \<^term>\formula\ and returns the replacement instance in the ground model that produces the \<^term>\\\-replacement instance in the generic extension. The next result is stated in the context \<^locale>\G_generic1\, which assumes the existence of a generic filter.\ context G_generic1 begin thm sats_ground_repl_fm_imp_sats_ZF_replacement_fm text\@{thm [display] sats_ground_repl_fm_imp_sats_ZF_replacement_fm}\ (* \ \ formula \ M, [] \ \Replacement(ground_repl_fm(\))\ \ M[G], [] \ \Replacement(\)\ *) end \ \\<^locale>\G_generic1\\ end \ No newline at end of file diff --git a/thys/Independence_CH/Forces_Definition.thy b/thys/Independence_CH/Forces_Definition.thy --- a/thys/Independence_CH/Forces_Definition.thy +++ b/thys/Independence_CH/Forces_Definition.thy @@ -1,852 +1,853 @@ section\The definition of \<^term>\forces\\ theory Forces_Definition imports Forcing_Data begin text\This is the core of our development.\ subsection\The relation \<^term>\frecrel\\ lemma names_belowsD: assumes "x \ names_below(P,z)" obtains f n1 n2 p where "x = \f,n1,n2,p\" "f\2" "n1\ecloseN(z)" "n2\ecloseN(z)" "p\P" using assms unfolding names_below_def by auto context forcing_data1 begin (* Absoluteness of components *) lemma ftype_abs: "\x\M; y\M \ \ is_ftype(##M,x,y) \ y = ftype(x)" unfolding ftype_def is_ftype_def by (simp add:absolut) lemma name1_abs: "\x\M; y\M \ \ is_name1(##M,x,y) \ y = name1(x)" unfolding name1_def is_name1_def by (rule is_hcomp_abs[OF fst_abs],simp_all add: fst_snd_closed[simplified] absolut) lemma snd_snd_abs: "\x\M; y\M \ \ is_snd_snd(##M,x,y) \ y = snd(snd(x))" unfolding is_snd_snd_def by (rule is_hcomp_abs[OF snd_abs], simp_all add: conjunct2[OF fst_snd_closed,simplified] absolut) lemma name2_abs: "\x\M; y\M \ \ is_name2(##M,x,y) \ y = name2(x)" unfolding name2_def is_name2_def by (rule is_hcomp_abs[OF fst_abs snd_snd_abs],simp_all add:absolut conjunct2[OF fst_snd_closed,simplified]) lemma cond_of_abs: "\x\M; y\M \ \ is_cond_of(##M,x,y) \ y = cond_of(x)" unfolding cond_of_def is_cond_of_def by (rule is_hcomp_abs[OF snd_abs snd_snd_abs];simp_all add:fst_snd_closed[simplified]) lemma tuple_abs: "\z\M;t1\M;t2\M;p\M;t\M\ \ is_tuple(##M,z,t1,t2,p,t) \ t = \z,t1,t2,p\" unfolding is_tuple_def using pair_in_M_iff by simp lemmas components_abs = ftype_abs name1_abs name2_abs cond_of_abs tuple_abs lemma comp_in_M: "p \ q \ p\M" "p \ q \ q\M" using transitivity[of _ leq] pair_in_M_iff by auto (* Absoluteness of Hfrc *) lemma eq_case_abs [simp]: assumes "t1\M" "t2\M" "p\M" "f\M" - shows "is_eq_case(##M,t1,t2,p,P,leq,f) \ eq_case(t1,t2,p,P,leq,f)" + shows "is_eq_case(##M,t1,t2,p,\,leq,f) \ eq_case(t1,t2,p,\,leq,f)" proof - have "q \ p \ q\M" for q using comp_in_M by simp moreover have "\s,y\\t \ s\domain(t)" if "t\M" for s y t using that unfolding domain_def by auto ultimately have - "(\s\M. s \ domain(t1) \ s \ domain(t2) \ (\q\M. q\P \ q \ p \ + "(\s\M. s \ domain(t1) \ s \ domain(t2) \ (\q\M. q\\ \ q \ p \ (f ` \1, s, t1, q\ =1 \ f ` \1, s, t2, q\=1))) \ - (\s. s \ domain(t1) \ s \ domain(t2) \ (\q. q\P \ q \ p \ + (\s. s \ domain(t1) \ s \ domain(t2) \ (\q. q\\ \ q \ p \ (f ` \1, s, t1, q\ =1 \ f ` \1, s, t2, q\=1)))" using assms domain_trans[OF trans_M,of t1] domain_trans[OF trans_M,of t2] by auto then show ?thesis unfolding eq_case_def is_eq_case_def using assms pair_in_M_iff nat_into_M domain_closed apply_closed zero_in_M Un_closed by (simp add:components_abs) qed lemma mem_case_abs [simp]: assumes "t1\M" "t2\M" "p\M" "f\M" - shows "is_mem_case(##M,t1,t2,p,P,leq,f) \ mem_case(t1,t2,p,P,leq,f)" + shows "is_mem_case(##M,t1,t2,p,\,leq,f) \ mem_case(t1,t2,p,\,leq,f)" proof { fix v - assume "v\P" "v \ p" "is_mem_case(##M,t1,t2,p,P,leq,f)" + assume "v\\" "v \ p" "is_mem_case(##M,t1,t2,p,\,leq,f)" moreover from this have "v\M" "\v,p\ \ M" "(##M)(v)" using transitivity[OF _ P_in_M,of v] transitivity[OF _ leq_in_M] by simp_all moreover from calculation assms obtain q r s where - "r \ P \ q \ P \ \q, v\ \ M \ \s, r\ \ M \ \q, r\ \ M \ 0 \ M \ + "r \ \ \ q \ \ \ \q, v\ \ M \ \s, r\ \ M \ \q, r\ \ M \ 0 \ M \ \0, t1, s, q\ \ M \ q \ v \ \s, r\ \ t2 \ q \ r \ f ` \0, t1, s, q\ = 1" unfolding is_mem_case_def by (auto simp add:components_abs) then - have "\q s r. r \ P \ q \ P \ q \ v \ \s, r\ \ t2 \ q \ r \ f ` \0, t1, s, q\ = 1" + have "\q s r. r \ \ \ q \ \ \ q \ v \ \s, r\ \ t2 \ q \ r \ f ` \0, t1, s, q\ = 1" by auto } then - show "mem_case(t1, t2, p, P, leq, f)" if "is_mem_case(##M, t1, t2, p, P, leq, f)" + show "mem_case(t1, t2, p, \, leq, f)" if "is_mem_case(##M, t1, t2, p, \, leq, f)" unfolding mem_case_def using that assms by auto next { fix v - assume "v \ M" "v \ P" "\v, p\ \ M" "v \ p" "mem_case(t1, t2, p, P, leq, f)" + assume "v \ M" "v \ \" "\v, p\ \ M" "v \ p" "mem_case(t1, t2, p, \, leq, f)" moreover from this - obtain q s r where "r \ P \ q \ P \ q \ v \ \s, r\ \ t2 \ q \ r \ f ` \0, t1, s, q\ = 1" + obtain q s r where "r \ \ \ q \ \ \ q \ v \ \s, r\ \ t2 \ q \ r \ f ` \0, t1, s, q\ = 1" unfolding mem_case_def by auto moreover from this \t2\M\ - have "r\M" "q\M" "s\M" "r \ P \ q \ P \ q \ v \ \s, r\ \ t2 \ q \ r \ f ` \0, t1, s, q\ = 1" + have "r\M" "q\M" "s\M" "r \ \ \ q \ \ \ q \ v \ \s, r\ \ t2 \ q \ r \ f ` \0, t1, s, q\ = 1" using transitivity domainI[of s r] domain_closed by auto moreover note \t1\M\ ultimately have "\q\M . \s\M. \r\M. - r \ P \ q \ P \ \q, v\ \ M \ \s, r\ \ M \ \q, r\ \ M \ 0 \ M \ + r \ \ \ q \ \ \ \q, v\ \ M \ \s, r\ \ M \ \q, r\ \ M \ 0 \ M \ \0, t1, s, q\ \ M \ q \ v \ \s, r\ \ t2 \ q \ r \ f ` \0, t1, s, q\ = 1" using pair_in_M_iff zero_in_M by auto } then - show "is_mem_case(##M, t1, t2, p, P, leq, f)" if "mem_case(t1, t2, p, P, leq, f)" + show "is_mem_case(##M, t1, t2, p, \, leq, f)" if "mem_case(t1, t2, p, \, leq, f)" unfolding is_mem_case_def using assms that zero_in_M pair_in_M_iff apply_closed nat_into_M by (auto simp add:components_abs) qed lemma Hfrc_abs: "\fnnc\M; f\M\ \ - is_Hfrc(##M,P,leq,fnnc,f) \ Hfrc(P,leq,fnnc,f)" + is_Hfrc(##M,\,leq,fnnc,f) \ Hfrc(\,leq,fnnc,f)" unfolding is_Hfrc_def Hfrc_def using pair_in_M_iff zero_in_M by (auto simp add:components_abs) lemma Hfrc_at_abs: "\fnnc\M; f\M ; z\M\ \ - is_Hfrc_at(##M,P,leq,fnnc,f,z) \ z = bool_of_o(Hfrc(P,leq,fnnc,f)) " + is_Hfrc_at(##M,\,leq,fnnc,f,z) \ z = bool_of_o(Hfrc(\,leq,fnnc,f)) " unfolding is_Hfrc_at_def using Hfrc_abs by auto lemma components_closed : "x\M \ (##M)(ftype(x))" "x\M \ (##M)(name1(x))" "x\M \ (##M)(name2(x))" "x\M \ (##M)(cond_of(x))" unfolding ftype_def name1_def name2_def cond_of_def using fst_snd_closed by simp_all lemma ecloseN_closed: "(##M)(A) \ (##M)(ecloseN(A))" "(##M)(A) \ (##M)(eclose_n(name1,A))" "(##M)(A) \ (##M)(eclose_n(name2,A))" unfolding ecloseN_def eclose_n_def using components_closed eclose_closed singleton_closed Un_closed by auto lemma eclose_n_abs : assumes "x\M" "ec\M" shows "is_eclose_n(##M,is_name1,ec,x) \ ec = eclose_n(name1,x)" "is_eclose_n(##M,is_name2,ec,x) \ ec = eclose_n(name2,x)" unfolding is_eclose_n_def eclose_n_def using assms name1_abs name2_abs eclose_abs singleton_closed components_closed by auto lemma ecloseN_abs : "\x\M;ec\M\ \ is_ecloseN(##M,x,ec) \ ec = ecloseN(x)" unfolding is_ecloseN_def ecloseN_def using eclose_n_abs Un_closed union_abs ecloseN_closed by auto lemma frecR_abs : "x\M \ y\M \ frecR(x,y) \ is_frecR(##M,x,y)" unfolding frecR_def is_frecR_def using zero_in_M domain_closed Un_closed components_closed nat_into_M by (auto simp add: components_abs) lemma frecrelP_abs : "z\M \ frecrelP(##M,z) \ (\x y. z = \x,y\ \ frecR(x,y))" using pair_in_M_iff frecR_abs unfolding frecrelP_def by auto lemma frecrel_abs: assumes "A\M" "r\M" shows "is_frecrel(##M,A,r) \ r = frecrel(A)" proof - from \A\M\ have "z\M" if "z\A\A" for z using cartprod_closed transitivity that by simp then have "Collect(A\A,frecrelP(##M)) = Collect(A\A,\z. (\x y. z = \x,y\ \ frecR(x,y)))" using Collect_cong[of "A\A" "A\A" "frecrelP(##M)"] assms frecrelP_abs by simp with assms show ?thesis unfolding is_frecrel_def def_frecrel using cartprod_closed by simp qed lemma frecrel_closed: assumes "x\M" shows "frecrel(x)\M" proof - have "Collect(x\x,\z. (\x y. z = \x,y\ \ frecR(x,y)))\M" using Collect_in_M[of "frecrelP_fm(0)" "[]"] arity_frecrelP_fm sats_frecrelP_fm frecrelP_abs \x\M\ cartprod_closed by simp then show ?thesis unfolding frecrel_def Rrel_def frecrelP_def by simp qed -lemma field_frecrel : "field(frecrel(names_below(P,x))) \ names_below(P,x)" +lemma field_frecrel : "field(frecrel(names_below(\,x))) \ names_below(\,x)" unfolding frecrel_def using field_Rrel by simp -lemma forcerelD : "uv \ forcerel(P,x) \ uv\ names_below(P,x) \ names_below(P,x)" +lemma forcerelD : "uv \ forcerel(\,x) \ uv\ names_below(\,x) \ names_below(\,x)" unfolding forcerel_def using trancl_type field_frecrel by blast lemma wf_forcerel : - "wf(forcerel(P,x))" + "wf(forcerel(\,x))" unfolding forcerel_def using wf_trancl wf_frecrel . lemma restrict_trancl_forcerel: assumes "frecR(w,y)" - shows "restrict(f,frecrel(names_below(P,x))-``{y})`w - = restrict(f,forcerel(P,x)-``{y})`w" + shows "restrict(f,frecrel(names_below(\,x))-``{y})`w + = restrict(f,forcerel(\,x)-``{y})`w" unfolding forcerel_def frecrel_def using assms restrict_trancl_Rrel[of frecR] by simp lemma names_belowI : - assumes "frecR(\ft,n1,n2,p\,\a,b,c,d\)" "p\P" - shows "\ft,n1,n2,p\ \ names_below(P,\a,b,c,d\)" (is "?x \ names_below(_,?y)") + assumes "frecR(\ft,n1,n2,p\,\a,b,c,d\)" "p\\" + shows "\ft,n1,n2,p\ \ names_below(\,\a,b,c,d\)" (is "?x \ names_below(_,?y)") proof - from assms have "ft \ 2" "a \ 2" unfolding frecR_def by (auto simp add:components_simp) from assms consider (eq) "n1 \ domain(b) \ domain(c) \ (n2 = b \ n2 =c)" | (mem) "n1 = b \ n2 \ domain(c)" unfolding frecR_def by (auto simp add:components_simp) then show ?thesis proof cases case eq then have "n1 \ eclose(b) \ n1 \ eclose(c)" using Un_iff in_dom_in_eclose by auto with eq have "n1 \ ecloseN(?y)" "n2 \ ecloseN(?y)" using ecloseNI components_in_eclose by auto - with \ft\2\ \p\P\ + with \ft\2\ \p\\\ show ?thesis unfolding names_below_def by auto next case mem then have "n1 \ ecloseN(?y)" "n2 \ ecloseN(?y)" using mem_eclose_trans ecloseNI in_dom_in_eclose components_in_eclose by auto - with \ft\2\ \p\P\ + with \ft\2\ \p\\\ show ?thesis unfolding names_below_def by auto qed qed lemma names_below_tr : - assumes "x\ names_below(P,y)" "y\ names_below(P,z)" - shows "x\ names_below(P,z)" + assumes "x\ names_below(\,y)" "y\ names_below(\,z)" + shows "x\ names_below(\,z)" proof - - let ?A="\y . names_below(P,y)" + let ?A="\y . names_below(\,y)" note assms moreover from this - obtain fx x1 x2 px where "x = \fx,x1,x2,px\" "fx\2" "x1\ecloseN(y)" "x2\ecloseN(y)" "px\P" + obtain fx x1 x2 px where "x = \fx,x1,x2,px\" "fx\2" "x1\ecloseN(y)" "x2\ecloseN(y)" "px\\" unfolding names_below_def by auto moreover from calculation - obtain fy y1 y2 py where "y = \fy,y1,y2,py\" "fy\2" "y1\ecloseN(z)" "y2\ecloseN(z)" "py\P" + obtain fy y1 y2 py where "y = \fy,y1,y2,py\" "fy\2" "y1\ecloseN(z)" "y2\ecloseN(z)" "py\\" unfolding names_below_def by auto moreover from calculation have "x1\ecloseN(z)" "x2\ecloseN(z)" using ecloseN_mono names_simp by auto ultimately have "x\?A(z)" unfolding names_below_def by simp then show ?thesis using subsetI by simp qed lemma arg_into_names_below2 : - assumes "\x,y\ \ frecrel(names_below(P,z))" - shows "x \ names_below(P,y)" + assumes "\x,y\ \ frecrel(names_below(\,z))" + shows "x \ names_below(\,y)" proof - from assms - have "x\names_below(P,z)" "y\names_below(P,z)" "frecR(x,y)" + have "x\names_below(\,z)" "y\names_below(\,z)" "frecR(x,y)" unfolding frecrel_def Rrel_def by auto - obtain f n1 n2 p where "x = \f,n1,n2,p\" "f\2" "n1\ecloseN(z)" "n2\ecloseN(z)" "p\P" - using \x\names_below(P,z)\ + obtain f n1 n2 p where "x = \f,n1,n2,p\" "f\2" "n1\ecloseN(z)" "n2\ecloseN(z)" "p\\" + using \x\names_below(\,z)\ unfolding names_below_def by auto moreover - obtain fy m1 m2 q where "q\P" "y = \fy,m1,m2,q\" - using \y\names_below(P,z)\ + obtain fy m1 m2 q where "q\\" "y = \fy,m1,m2,q\" + using \y\names_below(\,z)\ unfolding names_below_def by auto moreover note \frecR(x,y)\ ultimately show ?thesis using names_belowI by simp qed lemma arg_into_names_below : - assumes "\x,y\ \ frecrel(names_below(P,z))" - shows "x \ names_below(P,x)" + assumes "\x,y\ \ frecrel(names_below(\,z))" + shows "x \ names_below(\,x)" proof - from assms - have "x\names_below(P,z)" + have "x\names_below(\,z)" unfolding frecrel_def Rrel_def by auto - from \x\names_below(P,z)\ + from \x\names_below(\,z)\ obtain f n1 n2 p where - "x = \f,n1,n2,p\" "f\2" "n1\ecloseN(z)" "n2\ecloseN(z)" "p\P" + "x = \f,n1,n2,p\" "f\2" "n1\ecloseN(z)" "n2\ecloseN(z)" "p\\" unfolding names_below_def by auto then have "n1\ecloseN(x)" "n2\ecloseN(x)" using components_in_eclose by simp_all - with \f\2\ \p\P\ \x = \f,n1,n2,p\\ + with \f\2\ \p\\\ \x = \f,n1,n2,p\\ show ?thesis unfolding names_below_def by simp qed lemma forcerel_arg_into_names_below : - assumes "\x,y\ \ forcerel(P,z)" - shows "x \ names_below(P,x)" + assumes "\x,y\ \ forcerel(\,z)" + shows "x \ names_below(\,x)" using assms unfolding forcerel_def by(rule trancl_induct;auto simp add: arg_into_names_below) lemma names_below_mono : - assumes "\x,y\ \ frecrel(names_below(P,z))" - shows "names_below(P,x) \ names_below(P,y)" + assumes "\x,y\ \ frecrel(names_below(\,z))" + shows "names_below(\,x) \ names_below(\,y)" proof - from assms - have "x\names_below(P,y)" + have "x\names_below(\,y)" using arg_into_names_below2 by simp then show ?thesis using names_below_tr subsetI by simp qed lemma frecrel_mono : - assumes "\x,y\ \ frecrel(names_below(P,z))" - shows "frecrel(names_below(P,x)) \ frecrel(names_below(P,y))" + assumes "\x,y\ \ frecrel(names_below(\,z))" + shows "frecrel(names_below(\,x)) \ frecrel(names_below(\,y))" unfolding frecrel_def using Rrel_mono names_below_mono assms by simp lemma forcerel_mono2 : - assumes "\x,y\ \ frecrel(names_below(P,z))" - shows "forcerel(P,x) \ forcerel(P,y)" + assumes "\x,y\ \ frecrel(names_below(\,z))" + shows "forcerel(\,x) \ forcerel(\,y)" unfolding forcerel_def using trancl_mono frecrel_mono assms by simp lemma forcerel_mono_aux : - assumes "\x,y\ \ frecrel(names_below(P, w))^+" - shows "forcerel(P,x) \ forcerel(P,y)" + assumes "\x,y\ \ frecrel(names_below(\, w))^+" + shows "forcerel(\,x) \ forcerel(\,y)" using assms by (rule trancl_induct,simp_all add: subset_trans forcerel_mono2) lemma forcerel_mono : - assumes "\x,y\ \ forcerel(P,z)" - shows "forcerel(P,x) \ forcerel(P,y)" + assumes "\x,y\ \ forcerel(\,z)" + shows "forcerel(\,x) \ forcerel(\,y)" using forcerel_mono_aux assms unfolding forcerel_def by simp -lemma forcerel_eq_aux: "x \ names_below(P, w) \ \x,y\ \ forcerel(P,z) \ - (y \ names_below(P, w) \ \x,y\ \ forcerel(P,w))" +lemma forcerel_eq_aux: "x \ names_below(\, w) \ \x,y\ \ forcerel(\,z) \ + (y \ names_below(\, w) \ \x,y\ \ forcerel(\,w))" unfolding forcerel_def -proof(rule_tac a=x and b=y and P="\ y . y \ names_below(P, w) \ \x,y\ \ frecrel(names_below(P,w))^+" in trancl_induct,simp) - let ?A="\ a . names_below(P, a)" +proof (rule_tac a=x and b=y and + P="\ y . y \ names_below(\, w) \ \x,y\ \ frecrel(names_below(\,w))^+" in trancl_induct,simp) + let ?A="\ a . names_below(\, a)" let ?R="\ a . frecrel(?A(a))" let ?fR="\ a .forcerel(a)" show "u\?A(w) \ \x,u\\?R(w)^+" if "x\?A(w)" "\x,y\\?R(z)^+" "\x,u\\?R(z)" for u using that frecrelD frecrelI r_into_trancl unfolding names_below_def by simp { fix u v assume "x \ ?A(w)" "\x, y\ \ ?R(z)^+" "\x, u\ \ ?R(z)^+" "\u, v\ \ ?R(z)" "u \ ?A(w) \ \x, u\ \ ?R(w)^+" then have "v \ ?A(w) \ \x, v\ \ ?R(w)^+" proof - assume "v \?A(w)" from \\u,v\\_\ have "u\?A(v)" using arg_into_names_below2 by simp with \v \?A(w)\ have "u\?A(w)" using names_below_tr by simp with \v\_\ \\u,v\\_\ have "\u,v\\ ?R(w)" using frecrelD frecrelI r_into_trancl unfolding names_below_def by simp with \u \ ?A(w) \ \x, u\ \ ?R(w)^+\ \u\?A(w)\ have "\x, u\ \ ?R(w)^+" by simp with \\u,v\\ ?R(w)\ show "\x,v\\ ?R(w)^+" using trancl_trans r_into_trancl by simp qed } then show "v \ ?A(w) \ \x, v\ \ ?R(w)^+" if "x \ ?A(w)" "\x, y\ \ ?R(z)^+" "\x, u\ \ ?R(z)^+" "\u, v\ \ ?R(z)" "u \ ?A(w) \ \x, u\ \ ?R(w)^+" for u v using that by simp qed lemma forcerel_eq : - assumes "\z,x\ \ forcerel(P,x)" - shows "forcerel(P,z) = forcerel(P,x) \ names_below(P,z)\names_below(P,z)" + assumes "\z,x\ \ forcerel(\,x)" + shows "forcerel(\,z) = forcerel(\,x) \ names_below(\,z)\names_below(\,z)" using assms forcerel_eq_aux forcerelD forcerel_mono[of z x x] subsetI by auto lemma forcerel_below_aux : - assumes "\z,x\ \ forcerel(P,x)" "\u,z\ \ forcerel(P,x)" - shows "u \ names_below(P,z)" + assumes "\z,x\ \ forcerel(\,x)" "\u,z\ \ forcerel(\,x)" + shows "u \ names_below(\,z)" using assms(2) unfolding forcerel_def proof(rule trancl_induct) - show "u \ names_below(P,y)" if " \u, y\ \ frecrel(names_below(P, x))" for y + show "u \ names_below(\,y)" if " \u, y\ \ frecrel(names_below(\, x))" for y using that vimage_singleton_iff arg_into_names_below2 by simp next - show "u \ names_below(P,z)" - if "\u, y\ \ frecrel(names_below(P, x))^+" - "\y, z\ \ frecrel(names_below(P, x))" - "u \ names_below(P, y)" + show "u \ names_below(\,z)" + if "\u, y\ \ frecrel(names_below(\, x))^+" + "\y, z\ \ frecrel(names_below(\, x))" + "u \ names_below(\, y)" for y z using that arg_into_names_below2[of y z x] names_below_tr by simp qed lemma forcerel_below : - assumes "\z,x\ \ forcerel(P,x)" - shows "forcerel(P,x) -`` {z} \ names_below(P,z)" + assumes "\z,x\ \ forcerel(\,x)" + shows "forcerel(\,x) -`` {z} \ names_below(\,z)" using vimage_singleton_iff assms forcerel_below_aux by auto lemma relation_forcerel : - shows "relation(forcerel(P,z))" "trans(forcerel(P,z))" + shows "relation(forcerel(\,z))" "trans(forcerel(\,z))" unfolding forcerel_def using relation_trancl trans_trancl by simp_all -lemma Hfrc_restrict_trancl: "bool_of_o(Hfrc(P, leq, y, restrict(f,frecrel(names_below(P,x))-``{y}))) - = bool_of_o(Hfrc(P, leq, y, restrict(f,(frecrel(names_below(P,x))^+)-``{y})))" +lemma Hfrc_restrict_trancl: "bool_of_o(Hfrc(\, leq, y, restrict(f,frecrel(names_below(\,x))-``{y}))) + = bool_of_o(Hfrc(\, leq, y, restrict(f,(frecrel(names_below(\,x))^+)-``{y})))" unfolding Hfrc_def bool_of_o_def eq_case_def mem_case_def using restrict_trancl_forcerel frecRI1 frecRI2 frecRI3 unfolding forcerel_def by simp (* Recursive definition of forces for atomic formulas using a transitive relation *) -lemma frc_at_trancl: "frc_at(P,leq,z) = wfrec(forcerel(P,z),z,\x f. bool_of_o(Hfrc(P,leq,x,f)))" +lemma frc_at_trancl: "frc_at(\,leq,z) = wfrec(forcerel(\,z),z,\x f. bool_of_o(Hfrc(\,leq,x,f)))" unfolding frc_at_def forcerel_def using wf_eq_trancl Hfrc_restrict_trancl by simp lemma forcerelI1 : - assumes "n1 \ domain(b) \ n1 \ domain(c)" "p\P" "d\P" - shows "\\1, n1, b, p\, \0,b,c,d\\\ forcerel(P,\0,b,c,d\)" + assumes "n1 \ domain(b) \ n1 \ domain(c)" "p\\" "d\\" + shows "\\1, n1, b, p\, \0,b,c,d\\\ forcerel(\,\0,b,c,d\)" proof - let ?x="\1, n1, b, p\" let ?y="\0,b,c,d\" from assms have "frecR(?x,?y)" using frecRI1 by simp then - have "?x\names_below(P,?y)" "?y \ names_below(P,?y)" + have "?x\names_below(\,?y)" "?y \ names_below(\,?y)" using names_belowI assms components_in_eclose unfolding names_below_def by auto with \frecR(?x,?y)\ show ?thesis unfolding forcerel_def frecrel_def using subsetD[OF r_subset_trancl[OF relation_Rrel]] RrelI by auto qed lemma forcerelI2 : - assumes "n1 \ domain(b) \ n1 \ domain(c)" "p\P" "d\P" - shows "\\1, n1, c, p\, \0,b,c,d\\\ forcerel(P,\0,b,c,d\)" + assumes "n1 \ domain(b) \ n1 \ domain(c)" "p\\" "d\\" + shows "\\1, n1, c, p\, \0,b,c,d\\\ forcerel(\,\0,b,c,d\)" proof - let ?x="\1, n1, c, p\" let ?y="\0,b,c,d\" note assms moreover from this have "frecR(?x,?y)" using frecRI2 by simp moreover from calculation - have "?x\names_below(P,?y)" "?y \ names_below(P,?y)" + have "?x\names_below(\,?y)" "?y \ names_below(\,?y)" using names_belowI components_in_eclose unfolding names_below_def by auto ultimately show ?thesis unfolding forcerel_def frecrel_def using subsetD[OF r_subset_trancl[OF relation_Rrel]] RrelI by auto qed lemma forcerelI3 : - assumes "\n2, r\ \ c" "p\P" "d\P" "r \ P" - shows "\\0, b, n2, p\,\1, b, c, d\\ \ forcerel(P,\1,b,c,d\)" + assumes "\n2, r\ \ c" "p\\" "d\\" "r \ \" + shows "\\0, b, n2, p\,\1, b, c, d\\ \ forcerel(\,\1,b,c,d\)" proof - let ?x="\0, b, n2, p\" let ?y="\1, b, c, d\" note assms moreover from this have "frecR(?x,?y)" using frecRI3 by simp moreover from calculation - have "?x\names_below(P,?y)" "?y \ names_below(P,?y)" + have "?x\names_below(\,?y)" "?y \ names_below(\,?y)" using names_belowI components_in_eclose unfolding names_below_def by auto ultimately show ?thesis unfolding forcerel_def frecrel_def using subsetD[OF r_subset_trancl[OF relation_Rrel]] RrelI by auto qed lemmas forcerelI = forcerelI1[THEN vimage_singleton_iff[THEN iffD2]] forcerelI2[THEN vimage_singleton_iff[THEN iffD2]] forcerelI3[THEN vimage_singleton_iff[THEN iffD2]] lemma aux_def_frc_at: - assumes "z \ forcerel(P,x) -`` {x}" - shows "wfrec(forcerel(P,x), z, H) = wfrec(forcerel(P,z), z, H)" + assumes "z \ forcerel(\,x) -`` {x}" + shows "wfrec(forcerel(\,x), z, H) = wfrec(forcerel(\,z), z, H)" proof - - let ?A="names_below(P,z)" + let ?A="names_below(\,z)" from assms - have "\z,x\ \ forcerel(P,x)" + have "\z,x\ \ forcerel(\,x)" using vimage_singleton_iff by simp moreover from this have "z \ ?A" using forcerel_arg_into_names_below by simp moreover from calculation - have "forcerel(P,z) = forcerel(P,x) \ (?A\?A)" - "forcerel(P,x) -`` {z} \ ?A" + have "forcerel(\,z) = forcerel(\,x) \ (?A\?A)" + "forcerel(\,x) -`` {z} \ ?A" using forcerel_eq forcerel_below by auto moreover from calculation - have "wfrec(forcerel(P,x), z, H) = wfrec[?A](forcerel(P,x), z, H)" + have "wfrec(forcerel(\,x), z, H) = wfrec[?A](forcerel(\,x), z, H)" using wfrec_trans_restr[OF relation_forcerel(1) wf_forcerel relation_forcerel(2), of x z ?A] by simp ultimately show ?thesis using wfrec_restr_eq by simp qed subsection\Recursive expression of \<^term>\frc_at\\ lemma def_frc_at : - assumes "p\P" + assumes "p\\" shows - "frc_at(P,leq,\ft,n1,n2,p\) = - bool_of_o( p \P \ + "frc_at(\,leq,\ft,n1,n2,p\) = + bool_of_o( p \\ \ ( ft = 0 \ (\s. s\domain(n1) \ domain(n2) \ - (\q. q\P \ q \ p \ (frc_at(P,leq,\1,s,n1,q\) =1 \ frc_at(P,leq,\1,s,n2,q\) =1))) - \ ft = 1 \ ( \v\P. v \ p \ - (\q. \s. \r. r\P \ q\P \ q \ v \ \s,r\ \ n2 \ q \ r \ frc_at(P,leq,\0,n1,s,q\) = 1))))" + (\q. q\\ \ q \ p \ (frc_at(\,leq,\1,s,n1,q\) =1 \ frc_at(\,leq,\1,s,n2,q\) =1))) + \ ft = 1 \ ( \v\\. v \ p \ + (\q. \s. \r. r\\ \ q\\ \ q \ v \ \s,r\ \ n2 \ q \ r \ frc_at(\,leq,\0,n1,s,q\) = 1))))" proof - - let ?r="\y. forcerel(P,y)" and ?Hf="\x f. bool_of_o(Hfrc(P,leq,x,f))" + let ?r="\y. forcerel(\,y)" and ?Hf="\x f. bool_of_o(Hfrc(\,leq,x,f))" let ?t="\y. ?r(y) -`` {y}" let ?arg="\ft,n1,n2,p\" from wf_forcerel have wfr: "\w . wf(?r(w))" .. with wfrec [of "?r(?arg)" ?arg ?Hf] - have "frc_at(P,leq,?arg) = ?Hf( ?arg, \x\?r(?arg) -`` {?arg}. wfrec(?r(?arg), x, ?Hf))" + have "frc_at(\,leq,?arg) = ?Hf( ?arg, \x\?r(?arg) -`` {?arg}. wfrec(?r(?arg), x, ?Hf))" using frc_at_trancl by simp also - have " ... = ?Hf( ?arg, \x\?r(?arg) -`` {?arg}. frc_at(P,leq,x))" + have " ... = ?Hf( ?arg, \x\?r(?arg) -`` {?arg}. frc_at(\,leq,x))" using aux_def_frc_at frc_at_trancl by simp finally show ?thesis unfolding Hfrc_def mem_case_def eq_case_def using forcerelI assms by auto qed subsection\Absoluteness of \<^term>\frc_at\\ lemma forcerel_in_M : assumes "x\M" - shows "forcerel(P,x)\M" + shows "forcerel(\,x)\M" unfolding forcerel_def def_frecrel names_below_def proof - - let ?Q = "2 \ ecloseN(x) \ ecloseN(x) \ P" + let ?Q = "2 \ ecloseN(x) \ ecloseN(x) \ \" have "?Q \ ?Q \ M" using \x\M\ nat_into_M ecloseN_closed cartprod_closed by simp moreover have "separation(##M,\z. frecrelP(##M,z))" using separation_in_ctm[of "frecrelP_fm(0)",OF _ _ _ sats_frecrelP_fm] arity_frecrelP_fm frecrelP_fm_type by auto moreover from this have "separation(##M,\z. \x y. z = \x, y\ \ frecR(x, y))" using separation_cong[OF frecrelP_abs] by force ultimately show "{z \ ?Q \ ?Q . \x y. z = \x, y\ \ frecR(x, y)}^+ \ M" using separation_closed frecrelP_abs trancl_closed by simp qed lemma relation2_Hfrc_at_abs: - "relation2(##M,is_Hfrc_at(##M,P,leq),\x f. bool_of_o(Hfrc(P,leq,x,f)))" + "relation2(##M,is_Hfrc_at(##M,\,leq),\x f. bool_of_o(Hfrc(\,leq,x,f)))" unfolding relation2_def using Hfrc_at_abs by simp lemma Hfrc_at_closed : - "\x\M. \g\M. function(g) \ bool_of_o(Hfrc(P,leq,x,g))\M" + "\x\M. \g\M. function(g) \ bool_of_o(Hfrc(\,leq,x,g))\M" unfolding bool_of_o_def using zero_in_M nat_into_M[of 1] by simp lemma wfrec_Hfrc_at : assumes "X\M" - shows "wfrec_replacement(##M,is_Hfrc_at(##M,P,leq),forcerel(P,X))" + shows "wfrec_replacement(##M,is_Hfrc_at(##M,\,leq),forcerel(\,X))" proof - - have 0:"is_Hfrc_at(##M,P,leq,a,b,c) \ - sats(M,Hfrc_at_fm(8,9,2,1,0),[c,b,a,d,e,y,x,z,P,leq,forcerel(P,X)])" + have 0:"is_Hfrc_at(##M,\,leq,a,b,c) \ + sats(M,Hfrc_at_fm(8,9,2,1,0),[c,b,a,d,e,y,x,z,\,leq,forcerel(\,X)])" if "a\M" "b\M" "c\M" "d\M" "e\M" "y\M" "x\M" "z\M" for a b c d e y x z using that \X\M\ forcerel_in_M - Hfrc_at_iff_sats[of concl:M P leq a b c 8 9 2 1 0] + Hfrc_at_iff_sats[of concl:M \ leq a b c 8 9 2 1 0] by simp - have 1:"sats(M,is_wfrec_fm(Hfrc_at_fm(8,9,2,1,0),5,1,0),[y,x,z,P,leq,forcerel(P,X)]) \ - is_wfrec(##M, is_Hfrc_at(##M,P,leq),forcerel(P,X), x, y)" + have 1:"sats(M,is_wfrec_fm(Hfrc_at_fm(8,9,2,1,0),5,1,0),[y,x,z,\,leq,forcerel(\,X)]) \ + is_wfrec(##M, is_Hfrc_at(##M,\,leq),forcerel(\,X), x, y)" if "x\M" "y\M" "z\M" for x y z using that \X\M\ forcerel_in_M sats_is_wfrec_fm[OF 0] by simp let ?f="Exists(And(pair_fm(1,0,2),is_wfrec_fm(Hfrc_at_fm(8,9,2,1,0),5,1,0)))" - have satsf:"sats(M, ?f, [x,z,P,leq,forcerel(P,X)]) \ - (\y\M. pair(##M,x,y,z) & is_wfrec(##M, is_Hfrc_at(##M,P,leq),forcerel(P,X), x, y))" + have satsf:"sats(M, ?f, [x,z,\,leq,forcerel(\,X)]) \ + (\y\M. pair(##M,x,y,z) & is_wfrec(##M, is_Hfrc_at(##M,\,leq),forcerel(\,X), x, y))" if "x\M" "z\M" for x z using that 1 \X\M\ forcerel_in_M by (simp del:pair_abs) have artyf:"arity(?f) = 5" using arity_wfrec_replacement_fm[where p="Hfrc_at_fm(8,9,2,1,0)" and i=10] arity_Hfrc_at_fm ord_simp_union by simp moreover have "?f\formula" by simp ultimately - have "strong_replacement(##M,\x z. sats(M,?f,[x,z,P,leq,forcerel(P,X)]))" + have "strong_replacement(##M,\x z. sats(M,?f,[x,z,\,leq,forcerel(\,X)]))" using ZF_ground_replacements(1) 1 artyf \X\M\ forcerel_in_M unfolding replacement_assm_def wfrec_Hfrc_at_fm_def by simp then have "strong_replacement(##M,\x z. - \y\M. pair(##M,x,y,z) & is_wfrec(##M, is_Hfrc_at(##M,P,leq),forcerel(P,X), x, y))" - using repl_sats[of M ?f "[P,leq,forcerel(P,X)]"] satsf by (simp del:pair_abs) + \y\M. pair(##M,x,y,z) & is_wfrec(##M, is_Hfrc_at(##M,\,leq),forcerel(\,X), x, y))" + using repl_sats[of M ?f "[\,leq,forcerel(\,X)]"] satsf by (simp del:pair_abs) then show ?thesis unfolding wfrec_replacement_def by simp qed lemma names_below_abs : "\Q\M;x\M;nb\M\ \ is_names_below(##M,Q,x,nb) \ nb = names_below(Q,x)" unfolding is_names_below_def names_below_def using succ_in_M_iff zero_in_M cartprod_closed ecloseN_abs ecloseN_closed by auto lemma names_below_closed: "\Q\M;x\M\ \ names_below(Q,x) \ M" unfolding names_below_def using zero_in_M cartprod_closed ecloseN_closed succ_in_M_iff by simp lemma "names_below_productE" : assumes "Q \ M" "x \ M" "\A1 A2 A3 A4. A1 \ M \ A2 \ M \ A3 \ M \ A4 \ M \ R(A1 \ A2 \ A3 \ A4)" shows "R(names_below(Q,x))" unfolding names_below_def using assms nat_into_M ecloseN_closed[of x] by auto lemma forcerel_abs : - "\x\M;z\M\ \ is_forcerel(##M,P,x,z) \ z = forcerel(P,x)" + "\x\M;z\M\ \ is_forcerel(##M,\,x,z) \ z = forcerel(\,x)" unfolding is_forcerel_def forcerel_def using frecrel_abs names_below_abs trancl_abs ecloseN_closed names_below_closed names_below_productE[of concl:"\p. is_frecrel(##M,p,_) \ _ = frecrel(p)"] frecrel_closed by simp lemma frc_at_abs: assumes "fnnc\M" "z\M" - shows "is_frc_at(##M,P,leq,fnnc,z) \ z = frc_at(P,leq,fnnc)" + shows "is_frc_at(##M,\,leq,fnnc,z) \ z = frc_at(\,leq,fnnc)" proof - from assms - have "(\r\M. is_forcerel(##M,P,fnnc, r) \ is_wfrec(##M, is_Hfrc_at(##M, P, leq), r, fnnc, z)) - \ is_wfrec(##M, is_Hfrc_at(##M, P, leq), forcerel(P,fnnc), fnnc, z)" + have "(\r\M. is_forcerel(##M,\,fnnc, r) \ is_wfrec(##M, is_Hfrc_at(##M, \, leq), r, fnnc, z)) + \ is_wfrec(##M, is_Hfrc_at(##M, \, leq), forcerel(\,fnnc), fnnc, z)" using forcerel_abs forcerel_in_M by simp then show ?thesis unfolding frc_at_trancl is_frc_at_def using assms wfrec_Hfrc_at[of fnnc] wf_forcerel relation_forcerel forcerel_in_M Hfrc_at_closed relation2_Hfrc_at_abs - trans_wfrec_abs[of "forcerel(P,fnnc)" fnnc z "is_Hfrc_at(##M,P,leq)" "\x f. bool_of_o(Hfrc(P,leq,x,f))"] + trans_wfrec_abs[of "forcerel(\,fnnc)" fnnc z "is_Hfrc_at(##M,\,leq)" "\x f. bool_of_o(Hfrc(\,leq,x,f))"] by (simp flip:setclass_iff) qed lemma forces_eq'_abs : - "\p\M ; t1\M ; t2\M\ \ is_forces_eq'(##M,P,leq,p,t1,t2) \ forces_eq'(P,leq,p,t1,t2)" + "\p\M ; t1\M ; t2\M\ \ is_forces_eq'(##M,\,leq,p,t1,t2) \ forces_eq'(\,leq,p,t1,t2)" unfolding is_forces_eq'_def forces_eq'_def using frc_at_abs nat_into_M pair_in_M_iff by (auto simp add:components_abs) lemma forces_mem'_abs : - "\p\M ; t1\M ; t2\M\ \ is_forces_mem'(##M,P,leq,p,t1,t2) \ forces_mem'(P,leq,p,t1,t2)" + "\p\M ; t1\M ; t2\M\ \ is_forces_mem'(##M,\,leq,p,t1,t2) \ forces_mem'(\,leq,p,t1,t2)" unfolding is_forces_mem'_def forces_mem'_def using frc_at_abs nat_into_M pair_in_M_iff by (auto simp add:components_abs) lemma forces_neq'_abs : assumes "p\M" "t1\M" "t2\M" - shows "is_forces_neq'(##M,P,leq,p,t1,t2) \ forces_neq'(P,leq,p,t1,t2)" + shows "is_forces_neq'(##M,\,leq,p,t1,t2) \ forces_neq'(\,leq,p,t1,t2)" proof - - have "q\M" if "q\P" for q + have "q\M" if "q\\" for q using that transitivity by simp with assms show ?thesis unfolding is_forces_neq'_def forces_neq'_def using forces_eq'_abs pair_in_M_iff by (auto simp add:components_abs,blast) qed lemma forces_nmem'_abs : assumes "p\M" "t1\M" "t2\M" - shows "is_forces_nmem'(##M,P,leq,p,t1,t2) \ forces_nmem'(P,leq,p,t1,t2)" + shows "is_forces_nmem'(##M,\,leq,p,t1,t2) \ forces_nmem'(\,leq,p,t1,t2)" proof - - have "q\M" if "q\P" for q + have "q\M" if "q\\" for q using that transitivity by simp with assms show ?thesis unfolding is_forces_nmem'_def forces_nmem'_def using forces_mem'_abs pair_in_M_iff by (auto simp add:components_abs,blast) qed lemma leq_abs: "\ l\M ; q\M ; p\M \ \ is_leq(##M,l,q,p) \ \q,p\\l" unfolding is_leq_def using pair_in_M_iff by simp subsection\Forcing for atomic formulas in context\ definition forces_eq :: "[i,i,i] \ o" (\_ forces\<^sub>a '(_ = _')\ [36,1,1] 60) where - "forces_eq \ forces_eq'(P,leq)" + "forces_eq \ forces_eq'(\,leq)" definition forces_mem :: "[i,i,i] \ o" (\_ forces\<^sub>a '(_ \ _')\ [36,1,1] 60) where - "forces_mem \ forces_mem'(P,leq)" + "forces_mem \ forces_mem'(\,leq)" -(* frc_at(P,leq,\0,t1,t2,p\) = 1*) +(* frc_at(\,leq,\0,t1,t2,p\) = 1*) abbreviation is_forces_eq - where "is_forces_eq \ is_forces_eq'(##M,P,leq)" + where "is_forces_eq \ is_forces_eq'(##M,\,leq)" -(* frc_at(P,leq,\1,t1,t2,p\) = 1*) +(* frc_at(\,leq,\1,t1,t2,p\) = 1*) abbreviation is_forces_mem :: "[i,i,i] \ o" where - "is_forces_mem \ is_forces_mem'(##M,P,leq)" + "is_forces_mem \ is_forces_mem'(##M,\,leq)" -lemma def_forces_eq: "p\P \ p forces\<^sub>a (t1 = t2) \ - (\s\domain(t1) \ domain(t2). \q. q\P \ q \ p \ +lemma def_forces_eq: "p\\ \ p forces\<^sub>a (t1 = t2) \ + (\s\domain(t1) \ domain(t2). \q. q\\ \ q \ p \ (q forces\<^sub>a (s \ t1) \ q forces\<^sub>a (s \ t2)))" unfolding forces_eq_def forces_mem_def forces_eq'_def forces_mem'_def using def_frc_at[of p 0 t1 t2 ] unfolding bool_of_o_def by auto -lemma def_forces_mem: "p\P \ p forces\<^sub>a (t1 \ t2) \ - (\v\P. v \ p \ - (\q. \s. \r. r\P \ q\P \ q \ v \ \s,r\ \ t2 \ q \ r \ q forces\<^sub>a (t1 = s)))" +lemma def_forces_mem: "p\\ \ p forces\<^sub>a (t1 \ t2) \ + (\v\\. v \ p \ + (\q. \s. \r. r\\ \ q\\ \ q \ v \ \s,r\ \ t2 \ q \ r \ q forces\<^sub>a (t1 = s)))" unfolding forces_eq'_def forces_mem'_def forces_eq_def forces_mem_def using def_frc_at[of p 1 t1 t2] unfolding bool_of_o_def by auto lemma forces_eq_abs : "\p\M ; t1\M ; t2\M\ \ is_forces_eq(p,t1,t2) \ p forces\<^sub>a (t1 = t2)" unfolding forces_eq_def using forces_eq'_abs by simp lemma forces_mem_abs : "\p\M ; t1\M ; t2\M\ \ is_forces_mem(p,t1,t2) \ p forces\<^sub>a (t1 \ t2)" unfolding forces_mem_def using forces_mem'_abs by simp definition forces_neq :: "[i,i,i] \ o" (\_ forces\<^sub>a '(_ \ _')\ [36,1,1] 60) where - "p forces\<^sub>a (t1 \ t2) \ \ (\q\P. q\p \ q forces\<^sub>a (t1 = t2))" + "p forces\<^sub>a (t1 \ t2) \ \ (\q\\. q\p \ q forces\<^sub>a (t1 = t2))" definition forces_nmem :: "[i,i,i] \ o" (\_ forces\<^sub>a '(_ \ _')\ [36,1,1] 60) where - "p forces\<^sub>a (t1 \ t2) \ \ (\q\P. q\p \ q forces\<^sub>a (t1 \ t2))" + "p forces\<^sub>a (t1 \ t2) \ \ (\q\\. q\p \ q forces\<^sub>a (t1 \ t2))" lemma forces_neq : - "p forces\<^sub>a (t1 \ t2) \ forces_neq'(P,leq,p,t1,t2)" + "p forces\<^sub>a (t1 \ t2) \ forces_neq'(\,leq,p,t1,t2)" unfolding forces_neq_def forces_neq'_def forces_eq_def by simp lemma forces_nmem : - "p forces\<^sub>a (t1 \ t2) \ forces_nmem'(P,leq,p,t1,t2)" + "p forces\<^sub>a (t1 \ t2) \ forces_nmem'(\,leq,p,t1,t2)" unfolding forces_nmem_def forces_nmem'_def forces_mem_def by simp abbreviation Forces :: "[i, i, i] \ o" ("_ \ _ _" [36,36,36] 60) where - "p \ \ env \ M, ([p,P,leq,\] @ env) \ forces(\)" + "p \ \ env \ M, ([p,\,leq,\] @ env) \ forces(\)" lemma sats_forces_Member : assumes "x\nat" "y\nat" "env\list(M)" "nth(x,env)=xx" "nth(y,env)=yy" "q\M" - shows "q \ \x \ y\ env \ q \ P \ is_forces_mem(q, xx, yy)" + shows "q \ \x \ y\ env \ q \ \ \ is_forces_mem(q, xx, yy)" unfolding forces_def using assms by simp lemma sats_forces_Equal : assumes "a\nat" "b\nat" "env\list(M)" "nth(a,env)=x" "nth(b,env)=y" "q\M" - shows "q \ \a = b\ env \ q \ P \ is_forces_eq(q, x, y)" + shows "q \ \a = b\ env \ q \ \ \ is_forces_eq(q, x, y)" unfolding forces_def using assms by simp lemma sats_forces_Nand : assumes "\\formula" "\\formula" "env\list(M)" "p\M" shows "p \ \\(\ \ \)\ env \ - p\P \ \(\q\M. q\P \ is_leq(##M,leq,q,p) \ (q \ \ env) \ (q \ \ env))" + p\\ \ \(\q\M. q\\ \ is_leq(##M,leq,q,p) \ (q \ \ env) \ (q \ \ env))" unfolding forces_def using sats_is_leq_fm_auto assms sats_ren_forces_nand zero_in_M by simp lemma sats_forces_Neg : assumes "\\formula" "env\list(M)" "p\M" shows "p \ \\\\ env \ - (p\P \ \(\q\M. q\P \ is_leq(##M,leq,q,p) \ (q \ \ env)))" + (p\\ \ \(\q\M. q\\ \ is_leq(##M,leq,q,p) \ (q \ \ env)))" unfolding Neg_def using assms sats_forces_Nand by simp lemma sats_forces_Forall : assumes "\\formula" "env\list(M)" "p\M" - shows "p \ (\\\\) env \ p \ P \ (\x\M. p \ \ ([x] @ env))" + shows "p \ (\\\\) env \ p \ \ \ (\x\M. p \ \ ([x] @ env))" unfolding forces_def using assms sats_ren_forces_forall by simp end \ \\<^locale>\forcing_data1\\ end \ No newline at end of file diff --git a/thys/Independence_CH/Forcing_Data.thy b/thys/Independence_CH/Forcing_Data.thy --- a/thys/Independence_CH/Forcing_Data.thy +++ b/thys/Independence_CH/Forcing_Data.thy @@ -1,161 +1,161 @@ section\Transitive set models of ZF\ text\This theory defines locales for countable transitive models of $\ZF$, and on top of that, one that includes a forcing notion. Weakened versions of both locales are included, that only assume finitely many replacement instances.\ theory Forcing_Data imports Forcing_Notions Cohen_Posets_Relative ZF_Trans_Interpretations begin no_notation Aleph (\\_\ [90] 90) subsection\A forcing locale and generic filters\ text\Ideally, countability should be separated from the assumption of this locale. The fact is that our present proofs of the “definition of forces” (and many consequences) and of the lemma for “forcing a value” of function unnecessarily depend on the countability of the ground model. \ -locale forcing_data1 = forcing_notion + M_ctm1 + M_ZF_ground_trans + - assumes P_in_M: "P \ M" +locale forcing_data1 = forcing_notion + M_ctm1 + + assumes P_in_M: "\ \ M" and leq_in_M: "leq \ M" locale forcing_data2 = forcing_data1 + M_ctm2_AC locale forcing_data3 = forcing_data2 + M_ctm3_AC context forcing_data1 begin -lemma P_sub_M : "P \ M" +lemma P_sub_M : "\ \ M" using transitivity P_in_M by auto definition M_generic :: "i\o" where - "M_generic(G) \ filter(G) \ (\D\M. D\P \ dense(D)\D\G\0)" + "M_generic(G) \ filter(G) \ (\D\M. D\\ \ dense(D)\D\G\0)" declare iff_trans [trans] lemma M_generic_imp_filter[dest]: "M_generic(G) \ filter(G)" unfolding M_generic_def by blast lemma generic_filter_existence: - "p\P \ \G. p\G \ M_generic(G)" + "p\\ \ \G. p\G \ M_generic(G)" proof - - assume "p\P" - let ?D="\n\nat. (if (enum`n\P \ dense(enum`n)) then enum`n else P)" - have "\n\nat. ?D`n \ Pow(P)" + assume "p\\" + let ?D="\n\nat. (if (enum`n\\ \ dense(enum`n)) then enum`n else \)" + have "\n\nat. ?D`n \ Pow(\)" by auto then - have "?D:nat\Pow(P)" + have "?D:nat\Pow(\)" using lam_type by auto have "\n\nat. dense(?D`n)" proof(intro ballI) fix n assume "n\nat" then - have "dense(?D`n) \ dense(if enum`n \ P \ dense(enum`n) then enum`n else P)" + have "dense(?D`n) \ dense(if enum`n \ \ \ dense(enum`n) then enum`n else \)" by simp also - have "... \ (\(enum`n \ P \ dense(enum`n)) \ dense(P)) " + have "... \ (\(enum`n \ \ \ dense(enum`n)) \ dense(\)) " using split_if by simp finally show "dense(?D`n)" using P_dense \n\nat\ by auto qed with \?D\_\ - interpret cg: countable_generic P leq \ ?D + interpret cg: countable_generic \ leq \ ?D by (unfold_locales, auto) - from \p\P\ + from \p\\\ obtain G where 1: "p\G \ filter(G) \ (\n\nat.(?D`n)\G\0)" using cg.countable_rasiowa_sikorski[where M="\_. M"] P_sub_M M_countable[THEN bij_is_fun] M_countable[THEN bij_is_surj, THEN surj_range] unfolding cg.D_generic_def by blast then - have "(\D\M. D\P \ dense(D)\D\G\0)" + have "(\D\M. D\\ \ dense(D)\D\G\0)" proof (intro ballI impI) fix D - assume "D\M" and 2: "D \ P \ dense(D) " + assume "D\M" and 2: "D \ \ \ dense(D) " moreover have "\y\M. \x\nat. enum`x= y" using M_countable and bij_is_surj unfolding surj_def by (simp) moreover from calculation obtain n where Eq10: "n\nat \ enum`n = D" by auto moreover from calculation if_P have "?D`n = D" by simp moreover note 1 ultimately show "D\G\0" by auto qed with 1 show ?thesis unfolding M_generic_def by auto qed lemma one_in_M: "\ \ M" using one_in_P P_in_M transitivity by simp declare P_in_M [simp,intro] declare one_in_M [simp,intro] declare leq_in_M [simp,intro] declare one_in_P [intro] end \ \\<^locale>\forcing_data1\\ locale G_generic1 = forcing_data1 + fixes G :: "i" assumes generic : "M_generic(G)" begin lemma G_nonempty: "G\0" - using generic subset_refl[of P] P_dense + using generic subset_refl[of \] P_dense unfolding M_generic_def by auto -lemma M_genericD [dest]: "x\G \ x\P" +lemma M_genericD [dest]: "x\G \ x\\" using generic by (blast dest:filterD) -lemma M_generic_leqD [dest]: "p\G \ q\P \ p\q \ q\G" +lemma M_generic_leqD [dest]: "p\G \ q\\ \ p\q \ q\G" using generic by (blast dest:filter_leqD) lemma M_generic_compatD [dest]: "p\G \ r\G \ \q\G. q\p \ q\r" using generic by (blast dest:low_bound_filter) -lemma M_generic_denseD [dest]: "dense(D) \ D\P \ D\M \ \q\G. q\D" +lemma M_generic_denseD [dest]: "dense(D) \ D\\ \ D\M \ \q\G. q\D" using generic unfolding M_generic_def by blast -lemma G_subset_P: "G\P" +lemma G_subset_P: "G\\" using generic by auto lemma one_in_G : "\ \ G" proof - have "increasing(G)" using generic unfolding M_generic_def filter_def by simp then show ?thesis using G_nonempty one_max unfolding increasing_def by blast qed lemma G_subset_M: "G \ M" using generic transitivity[OF _ P_in_M] by auto end \ \\<^locale>\G_generic1\\ locale G_generic1_AC = G_generic1 + M_ctm1_AC end \ No newline at end of file diff --git a/thys/Independence_CH/Forcing_Main.thy b/thys/Independence_CH/Forcing_Main.thy --- a/thys/Independence_CH/Forcing_Main.thy +++ b/thys/Independence_CH/Forcing_Main.thy @@ -1,170 +1,170 @@ -section\The main theorem\ +section\The existence of generic extensions\ theory Forcing_Main imports Ordinals_In_MG Choice_Axiom Succession_Poset begin subsection\The generic extension is countable\ lemma (in forcing_data1) surj_nat_MG : "\f. f \ surj(\,M[G])" proof - let ?f="\n\\. val(G,enum`n)" have "x \ \ \ val(G, enum ` x)\ M[G]" for x using GenExtI bij_is_fun[OF M_countable] by simp then have "?f: \ \ M[G]" using lam_type[of \ "\n. val(G,enum`n)" "\_.M[G]"] by simp moreover have "\n\\. ?f`n = x" if "x\M[G]" for x using that GenExt_iff[of _ G] bij_is_surj[OF M_countable] unfolding surj_def by auto ultimately show ?thesis unfolding surj_def by blast qed lemma (in G_generic1) MG_eqpoll_nat: "M[G] \ \" proof - obtain f where "f \ surj(\,M[G])" using surj_nat_MG by blast then have "M[G] \ \" using well_ord_surj_imp_lepoll well_ord_Memrel[of \] by simp moreover have "\ \ M[G]" using ext.nat_into_M subset_imp_lepoll by (auto del:lepollI) ultimately show ?thesis using eqpollI by simp qed subsection\Extensions of ctms of fragments of $\ZFC$\ context G_generic1 begin lemma sats_ground_repl_fm_imp_sats_ZF_replacement_fm: assumes "\\formula" "M, [] \ \Replacement(ground_repl_fm(\))\" shows "M[G], [] \ \Replacement(\)\" using assms sats_ZF_replacement_fm_iff by (auto simp:replacement_assm_def ground_replacement_assm_def intro:strong_replacement_in_MG[simplified]) lemma satT_ground_repl_fm_imp_satT_ZF_replacement_fm: assumes "\ \ formula" "M \ { \Replacement(ground_repl_fm(\))\ . \ \ \}" shows "M[G] \ { \Replacement(\)\ . \ \ \}" using assms sats_ground_repl_fm_imp_sats_ZF_replacement_fm by auto end \ \\<^locale>\G_generic1\\ theorem extensions_of_ctms: assumes "M \ \" "Transset(M)" "M \ \Z\ \ {\Replacement(p)\ . p \ overhead}" "\ \ formula" "M \ { \Replacement(ground_repl_fm(\))\ . \ \ \}" shows "\N. M \ N \ N \ \ \ Transset(N) \ M\N \ (\\. Ord(\) \ (\ \ M \ \ \ N)) \ ((M, []\ \AC\) \ N, [] \ \AC\) \ N \ \Z\ \ { \Replacement(\)\ . \ \ \}" proof - from \M \ \Z\ \ _\ \Transset(M)\ interpret M_ZF_ground_trans M using M_satT_imp_M_ZF_ground_trans by simp from \M \ \\ obtain enum where "enum \ bij(\,M)" using eqpoll_sym unfolding eqpoll_def by blast then interpret M_ctm1 M enum by unfold_locales interpret forcing_data1 "2\<^bsup><\\<^esup>" seqle 0 M enum using nat_into_M seqspace_closed seqle_in_M by unfold_locales simp obtain G where "M_generic(G)" "M \ M[G]" using cohen_extension_is_proper by blast text\Recall that \<^term>\M[G]\ denotes the generic extension of \<^term>\M\ using the poset of sequences \<^term>\2\<^bsup><\\<^esup>\.\ then interpret G_generic1 "2\<^bsup><\\<^esup>" seqle 0 _ enum G by unfold_locales interpret MG: M_Z_basic "M[G]" using generic pairing_in_MG Union_MG extensionality_in_MG power_in_MG foundation_in_MG replacement_assm_MG separation_in_MG infinity_in_MG replacement_ax1 by unfold_locales simp have "M, []\ \AC\ \ M[G], [] \ \AC\" proof - assume "M, [] \ \AC\" then have "choice_ax(##M)" unfolding ZF_choice_fm_def using ZF_choice_auto by simp then have "choice_ax(##M[G])" using choice_in_MG by simp then show "M[G], [] \ \AC\" using ZF_choice_auto sats_ZFC_iff_sats_ZF_AC unfolding ZF_choice_fm_def by simp qed moreover note \M \ M[G]\ \M \ { \Replacement(ground_repl_fm(\))\ . \ \ \}\ \\ \ formula\ moreover have "Transset(M[G])" using Transset_MG . moreover have "M \ M[G]" using M_subset_MG[OF one_in_G] generic by simp ultimately show ?thesis using Ord_MG_iff MG_eqpoll_nat ext.M_satT_Zermelo_fms satT_ground_repl_fm_imp_satT_ZF_replacement_fm[of \] by (rule_tac x="M[G]" in exI, auto) qed lemma ZF_replacement_overhead_sub_ZF: "{\Replacement(p)\ . p \ overhead} \ ZF" using instances1_fms_type instances_ground_fms_type unfolding overhead_def ZF_def ZF_schemes_def by auto theorem extensions_of_ctms_ZF: assumes "M \ \" "Transset(M)" "M \ ZF" shows "\N. M \ N \ N \ \ \ Transset(N) \ N \ ZF \ M\N \ (\\. Ord(\) \ (\ \ M \ \ \ N)) \ ((M, []\ \AC\) \ N \ ZFC)" proof - from assms have "\N. M \ N \ N \ \ \ Transset(N) \ M\N \ (\\. Ord(\) \ (\ \ M \ \ \ N)) \ ((M, []\ \AC\) \ N, [] \ \AC\) \ N \ \Z\ \ { \Replacement(\)\ . \ \ formula}" using extensions_of_ctms[of M formula] satT_ZF_imp_satT_Z[of M] satT_mono[OF _ ground_repl_fm_sub_ZF, of M] satT_mono[OF _ ZF_replacement_overhead_sub_ZF, of M] by (auto simp: satT_Un_iff) then obtain N where "N \ \Z\ \ { \Replacement(\)\ . \ \ formula}" "M \ N" "N \ \" "Transset(N)" "M \ N" "(\\. Ord(\) \ \ \ M \ \ \ N)" "(M, []\ \AC\) \ N, [] \ \AC\" by blast moreover from \N \ \Z\ \ { \Replacement(\)\ . \ \ formula}\ have "N \ ZF" using satT_Z_ZF_replacement_imp_satT_ZF by auto moreover from this and \(M, []\ \AC\) \ N, [] \ \AC\\ have "(M, []\ \AC\) \ N \ ZFC" using sats_ZFC_iff_sats_ZF_AC by simp ultimately show ?thesis by auto qed end \ No newline at end of file diff --git a/thys/Independence_CH/Forcing_Notions.thy b/thys/Independence_CH/Forcing_Notions.thy --- a/thys/Independence_CH/Forcing_Notions.thy +++ b/thys/Independence_CH/Forcing_Notions.thy @@ -1,432 +1,430 @@ section\Forcing notions\ text\This theory defines a locale for forcing notions, that is, preorders with a distinguished maximum element.\ theory Forcing_Notions imports "ZF-Constructible.Relative" "Delta_System_Lemma.ZF_Library" begin hide_const (open) Order.pred subsection\Basic concepts\ text\We say that two elements $p,q$ are \<^emph>\compatible\ if they have a lower bound in $P$\ definition compat_in :: "i\i\i\i\o" where "compat_in(A,r,p,q) \ \d\A . \d,p\\r \ \d,q\\r" lemma compat_inI : "\ d\A ; \d,p\\r ; \d,g\\r \ \ compat_in(A,r,p,g)" by (auto simp add: compat_in_def) lemma refl_compat: "\ refl(A,r) ; \p,q\ \ r | p=q | \q,p\ \ r ; p\A ; q\A\ \ compat_in(A,r,p,q)" by (auto simp add: refl_def compat_inI) lemma chain_compat: "refl(A,r) \ linear(A,r) \ (\p\A.\q\A. compat_in(A,r,p,q))" by (simp add: refl_compat linear_def) lemma subset_fun_image: "f:N\P \ f``N\P" by (auto simp add: image_fun apply_funtype) lemma refl_monot_domain: "refl(B,r) \ A\B \ refl(A,r)" unfolding refl_def by blast locale forcing_notion = - fixes P leq one - assumes one_in_P: "one \ P" - and leq_preord: "preorder_on(P,leq)" - and one_max: "\p\P. \p,one\\leq" + fixes P (\\\) and leq and one (\\\) + assumes one_in_P: "\ \ \" + and leq_preord: "preorder_on(\,leq)" + and one_max: "\p\\. \p,\\\leq" begin -notation one (\\\) - abbreviation Leq :: "[i, i] \ o" (infixl "\" 50) where "x \ y \ \x,y\\leq" lemma refl_leq: - "r\P \ r\r" + "r\\ \ r\r" using leq_preord unfolding preorder_on_def refl_def by simp -text\A set $D$ is \<^emph>\dense\ if every element $p\in P$ has a lower +text\A set $D$ is \<^emph>\dense\ if every element $p\in \mathbb{P}$ has a lower bound in $D$.\ definition dense :: "i\o" where - "dense(D) \ \p\P. \d\D . d\p" + "dense(D) \ \p\\. \d\D . d\p" text\There is also a weaker definition which asks for a lower bound in $D$ only for the elements below some fixed element $q$.\ definition dense_below :: "i\i\o" where - "dense_below(D,q) \ \p\P. p\q \ (\d\D. d\P \ d\p)" + "dense_below(D,q) \ \p\\. p\q \ (\d\D. d\\ \ d\p)" -lemma P_dense: "dense(P)" +lemma P_dense: "dense(\)" by (insert leq_preord, auto simp add: preorder_on_def refl_def dense_def) definition increasing :: "i\o" where - "increasing(F) \ \x\F. \ p \ P . x\p \ p\F" + "increasing(F) \ \x\F. \ p \ \ . x\p \ p\F" definition compat :: "i\i\o" where - "compat(p,q) \ compat_in(P,leq,p,q)" + "compat(p,q) \ compat_in(\,leq,p,q)" -lemma leq_transD: "a\b \ b\c \ a \ P\ b \ P\ c \ P\ a\c" +lemma leq_transD: "a\b \ b\c \ a \ \\ b \ \\ c \ \\ a\c" using leq_preord trans_onD unfolding preorder_on_def by blast -lemma leq_transD': "A\P \ a\b \ b\c \ a \ A \ b \ P\ c \ P\ a\c" +lemma leq_transD': "A\\ \ a\b \ b\c \ a \ A \ b \ \\ c \ \\ a\c" using leq_preord trans_onD subsetD unfolding preorder_on_def by blast -lemma compatD[dest!]: "compat(p,q) \ \d\P. d\p \ d\q" +lemma compatD[dest!]: "compat(p,q) \ \d\\. d\p \ d\q" unfolding compat_def compat_in_def . abbreviation Incompatible :: "[i, i] \ o" (infixl "\" 50) where "p \ q \ \ compat(p,q)" -lemma compatI[intro!]: "d\P \ d\p \ d\q \ compat(p,q)" +lemma compatI[intro!]: "d\\ \ d\p \ d\q \ compat(p,q)" unfolding compat_def compat_in_def by blast -lemma Incompatible_imp_not_eq: "\ p \ q; p\P; q\P \\ p \ q" +lemma Incompatible_imp_not_eq: "\ p \ q; p\\; q\\ \\ p \ q" using refl_leq by blast -lemma denseD [dest]: "dense(D) \ p\P \ \d\D. d\ p" +lemma denseD [dest]: "dense(D) \ p\\ \ \d\D. d\ p" unfolding dense_def by blast -lemma denseI [intro!]: "\ \p. p\P \ \d\D. d\ p \ \ dense(D)" +lemma denseI [intro!]: "\ \p. p\\ \ \d\D. d\ p \ \ dense(D)" unfolding dense_def by blast lemma dense_belowD [dest]: - assumes "dense_below(D,p)" "q\P" "q\p" - shows "\d\D. d\P \ d\q" + assumes "dense_below(D,p)" "q\\" "q\p" + shows "\d\D. d\\ \ d\q" using assms unfolding dense_below_def by simp lemma dense_belowI [intro!]: - assumes "\q. q\P \ q\p \ \d\D. d\P \ d\q" + assumes "\q. q\\ \ q\p \ \d\D. d\\ \ d\q" shows "dense_below(D,p)" using assms unfolding dense_below_def by simp -lemma dense_below_cong: "p\P \ D = D' \ dense_below(D,p) \ dense_below(D',p)" +lemma dense_below_cong: "p\\ \ D = D' \ dense_below(D,p) \ dense_below(D',p)" by blast -lemma dense_below_cong': "p\P \ \\x. x\P \ Q(x) \ Q'(x)\ \ - dense_below({q\P. Q(q)},p) \ dense_below({q\P. Q'(q)},p)" +lemma dense_below_cong': "p\\ \ \\x. x\\ \ Q(x) \ Q'(x)\ \ + dense_below({q\\. Q(q)},p) \ dense_below({q\\. Q'(q)},p)" by blast -lemma dense_below_mono: "p\P \ D \ D' \ dense_below(D,p) \ dense_below(D',p)" +lemma dense_below_mono: "p\\ \ D \ D' \ dense_below(D,p) \ dense_below(D',p)" by blast lemma dense_below_under: - assumes "dense_below(D,p)" "p\P" "q\P" "q\p" + assumes "dense_below(D,p)" "p\\" "q\\" "q\p" shows "dense_below(D,q)" using assms leq_transD by blast lemma ideal_dense_below: - assumes "\q. q\P \ q\p \ q\D" + assumes "\q. q\\ \ q\p \ q\D" shows "dense_below(D,p)" using assms refl_leq by blast lemma dense_below_dense_below: - assumes "dense_below({q\P. dense_below(D,q)},p)" "p\P" + assumes "dense_below({q\\. dense_below(D,q)},p)" "p\\" shows "dense_below(D,p)" using assms leq_transD refl_leq by blast text\A filter is an increasing set $G$ with all its elements being compatible in $G$.\ definition filter :: "i\o" where - "filter(G) \ G\P \ increasing(G) \ (\p\G. \q\G. compat_in(G,leq,p,q))" + "filter(G) \ G\\ \ increasing(G) \ (\p\G. \q\G. compat_in(G,leq,p,q))" -lemma filterD : "filter(G) \ x \ G \ x \ P" +lemma filterD : "filter(G) \ x \ G \ x \ \" by (auto simp add : subsetD filter_def) -lemma filter_subset_notion[dest]: "filter(G) \ G \ P" +lemma filter_subset_notion[dest]: "filter(G) \ G \ \" by (auto dest:filterD) -lemma filter_leqD : "filter(G) \ x \ G \ y \ P \ x\y \ y \ G" +lemma filter_leqD : "filter(G) \ x \ G \ y \ \ \ x\y \ y \ G" by (simp add: filter_def increasing_def) lemma filter_imp_compat: "filter(G) \ p\G \ q\G \ compat(p,q)" unfolding filter_def compat_in_def compat_def by blast lemma low_bound_filter: \ \says the compatibility is attained inside G\ assumes "filter(G)" and "p\G" and "q\G" shows "\r\G. r\p \ r\q" using assms unfolding compat_in_def filter_def by blast text\We finally introduce the upward closure of a set and prove that the closure of $A$ is a filter if its elements are compatible in $A$.\ definition upclosure :: "i\i" where - "upclosure(A) \ {p\P.\a\A. a\p}" + "upclosure(A) \ {p\\.\a\A. a\p}" -lemma upclosureI [intro] : "p\P \ a\A \ a\p \ p\upclosure(A)" +lemma upclosureI [intro] : "p\\ \ a\A \ a\p \ p\upclosure(A)" by (simp add:upclosure_def, auto) lemma upclosureE [elim] : - "p\upclosure(A) \ (\x a. x\P \ a\A \ a\x \ R) \ R" + "p\upclosure(A) \ (\x a. x\\ \ a\A \ a\x \ R) \ R" by (auto simp add:upclosure_def) lemma upclosureD [dest] : - "p\upclosure(A) \ \a\A.(a\p) \ p\P" + "p\upclosure(A) \ \a\A.(a\p) \ p\\" by (simp add:upclosure_def) lemma upclosure_increasing : - assumes "A\P" + assumes "A\\" shows "increasing(upclosure(A))" unfolding increasing_def upclosure_def - using leq_transD'[OF \A\P\] by auto + using leq_transD'[OF \A\\\] by auto -lemma upclosure_in_P: "A \ P \ upclosure(A) \ P" +lemma upclosure_in_P: "A \ \ \ upclosure(A) \ \" using subsetI upclosure_def by simp -lemma A_sub_upclosure: "A \ P \ A\upclosure(A)" +lemma A_sub_upclosure: "A \ \ \ A\upclosure(A)" using subsetI leq_preord unfolding upclosure_def preorder_on_def refl_def by auto -lemma elem_upclosure: "A\P \ x\A \ x\upclosure(A)" +lemma elem_upclosure: "A\\ \ x\A \ x\upclosure(A)" by (blast dest:A_sub_upclosure) lemma closure_compat_filter: - assumes "A\P" "(\p\A.\q\A. compat_in(A,leq,p,q))" + assumes "A\\" "(\p\A.\q\A. compat_in(A,leq,p,q))" shows "filter(upclosure(A))" unfolding filter_def proof(auto) show "increasing(upclosure(A))" using assms upclosure_increasing by simp next let ?UA="upclosure(A)" show "compat_in(upclosure(A), leq, p, q)" if "p\?UA" "q\?UA" for p q proof - from that - obtain a b where 1:"a\A" "b\A" "a\p" "b\q" "p\P" "q\P" + obtain a b where 1:"a\A" "b\A" "a\p" "b\q" "p\\" "q\\" using upclosureD[OF \p\?UA\] upclosureD[OF \q\?UA\] by auto with assms(2) obtain d where "d\A" "d\a" "d\b" unfolding compat_in_def by auto with 1 have "d\p" "d\q" "d\?UA" - using A_sub_upclosure[THEN subsetD] \A\P\ + using A_sub_upclosure[THEN subsetD] \A\\\ leq_transD'[of A d a] leq_transD'[of A d b] by auto then show ?thesis unfolding compat_in_def by auto qed qed -lemma aux_RS1: "f \ N \ P \ n\N \ f`n \ upclosure(f ``N)" +lemma aux_RS1: "f \ N \ \ \ n\N \ f`n \ upclosure(f ``N)" using elem_upclosure[OF subset_fun_image] image_fun by (simp, blast) lemma decr_succ_decr: - assumes "f \ nat \ P" "preorder_on(P,leq)" + assumes "f \ nat \ \" "preorder_on(\,leq)" "\n\nat. \f ` succ(n), f ` n\ \ leq" "m\nat" shows "n\nat \ n\m \ \f ` m, f ` n\ \ leq" using \m\_\ proof(induct m) case 0 then show ?case using assms refl_leq by simp next case (succ x) then - have 1:"f`succ(x) \ f`x" "f`n\P" "f`x\P" "f`succ(x)\P" + have 1:"f`succ(x) \ f`x" "f`n\\" "f`x\\" "f`succ(x)\\" using assms by simp_all consider (lt) "n nat \ P" + assumes "refl(\,leq)" "f \ nat \ \" "\n\nat. \f ` succ(n), f ` n\ \ leq" - "trans[P](leq)" + "trans[\](leq)" shows "linear(f `` nat, leq)" proof - - have "preorder_on(P,leq)" + have "preorder_on(\,leq)" unfolding preorder_on_def using assms by simp { fix n m assume "n\nat" "m\nat" then have "f`m \ f`n \ f`n \ f`m" proof(cases "m\n") case True with \n\_\ \m\_\ show ?thesis - using decr_succ_decr[of f n m] assms leI \preorder_on(P,leq)\ by simp + using decr_succ_decr[of f n m] assms leI \preorder_on(\,leq)\ by simp next case False with \n\_\ \m\_\ show ?thesis - using decr_succ_decr[of f m n] assms leI not_le_iff_lt \preorder_on(P,leq)\ by simp + using decr_succ_decr[of f m n] assms leI not_le_iff_lt \preorder_on(\,leq)\ by simp qed } then show ?thesis unfolding linear_def using ball_image_simp assms by auto qed end \ \\<^locale>\forcing_notion\\ subsection\Towards Rasiowa-Sikorski Lemma (RSL)\ locale countable_generic = forcing_notion + fixes \ - assumes countable_subs_of_P: "\ \ nat\Pow(P)" + assumes countable_subs_of_P: "\ \ nat\Pow(\)" and seq_of_denses: "\n \ nat. dense(\`n)" begin definition D_generic :: "i\o" where "D_generic(G) \ filter(G) \ (\n\nat.(\`n)\G\0)" text\The next lemma identifies a sufficient condition for obtaining RSL.\ lemma RS_sequence_imp_rasiowa_sikorski: assumes - "p\P" "f : nat\P" "f ` 0 = p" + "p\\" "f : nat\\" "f ` 0 = p" "\n. n\nat \ f ` succ(n)\ f ` n \ f ` succ(n) \ \ ` n" shows "\G. p\G \ D_generic(G)" proof - note assms moreover from this - have "f``nat \ P" + have "f``nat \ \" by (simp add:subset_fun_image) moreover from calculation - have "refl(f``nat, leq) \ trans[P](leq)" + have "refl(f``nat, leq) \ trans[\](leq)" using leq_preord unfolding preorder_on_def by (blast intro:refl_monot_domain) moreover from calculation have "\n\nat. f ` succ(n)\ f ` n" by (simp) moreover from calculation have "linear(f``nat, leq)" using leq_preord and decr_seq_linear unfolding preorder_on_def by (blast) moreover from calculation have "(\p\f``nat.\q\f``nat. compat_in(f``nat,leq,p,q))" using chain_compat by (auto) ultimately have "filter(upclosure(f``nat))" (is "filter(?G)") using closure_compat_filter by simp moreover have "\n\nat. \ ` n \ ?G \ 0" proof fix n assume "n\nat" with assms have "f`succ(n) \ ?G \ f`succ(n) \ \ ` n" using aux_RS1 by simp then show "\ ` n \ ?G \ 0" by blast qed moreover from assms have "p \ ?G" using aux_RS1 by auto ultimately show ?thesis unfolding D_generic_def by auto qed end \ \\<^locale>\countable_generic\\ text\Now, the following recursive definition will fulfill the requirements of lemma \<^term>\RS_sequence_imp_rasiowa_sikorski\ \ consts RS_seq :: "[i,i,i,i,i,i] \ i" primrec "RS_seq(0,P,leq,p,enum,\) = p" "RS_seq(succ(n),P,leq,p,enum,\) = enum`(\ m. \enum`m, RS_seq(n,P,leq,p,enum,\)\ \ leq \ enum`m \ \ ` n)" context countable_generic begin lemma countable_RS_sequence_aux: fixes p enum - defines "f(n) \ RS_seq(n,P,leq,p,enum,\)" + defines "f(n) \ RS_seq(n,\,leq,p,enum,\)" and "Q(q,k,m) \ enum`m\ q \ enum`m \ \ ` k" - assumes "n\nat" "p\P" "P \ range(enum)" "enum:nat\M" - "\x k. x\P \ k\nat \ \q\P. q\ x \ q \ \ ` k" + assumes "n\nat" "p\\" "\ \ range(enum)" "enum:nat\M" + "\x k. x\\ \ k\nat \ \q\\. q\ x \ q \ \ ` k" shows - "f(succ(n)) \ P \ f(succ(n))\ f(n) \ f(succ(n)) \ \ ` n" + "f(succ(n)) \ \ \ f(succ(n))\ f(n) \ f(succ(n)) \ \ ` n" using \n\nat\ proof (induct) case 0 from assms - obtain q where "q\P" "q\ p" "q \ \ ` 0" by blast - moreover from this and \P \ range(enum)\ + obtain q where "q\\" "q\ p" "q \ \ ` 0" by blast + moreover from this and \\ \ range(enum)\ obtain m where "m\nat" "enum`m = q" using Pi_rangeD[OF \enum:nat\M\] by blast moreover - have "\`0 \ P" + have "\`0 \ \" using apply_funtype[OF countable_subs_of_P] by simp - moreover note \p\P\ + moreover note \p\\\ ultimately show ?case using LeastI[of "Q(p,0)" m] unfolding Q_def f_def by auto next case (succ n) with assms - obtain q where "q\P" "q\ f(succ(n))" "q \ \ ` succ(n)" by blast - moreover from this and \P \ range(enum)\ + obtain q where "q\\" "q\ f(succ(n))" "q \ \ ` succ(n)" by blast + moreover from this and \\ \ range(enum)\ obtain m where "m\nat" "enum`m\ f(succ(n))" "enum`m \ \ ` succ(n)" using Pi_rangeD[OF \enum:nat\M\] by blast moreover note succ moreover from calculation - have "\`succ(n) \ P" + have "\`succ(n) \ \" using apply_funtype[OF countable_subs_of_P] by auto ultimately show ?case using LeastI[of "Q(f(succ(n)),succ(n))" m] unfolding Q_def f_def by auto qed lemma countable_RS_sequence: fixes p enum - defines "f \ \n\nat. RS_seq(n,P,leq,p,enum,\)" + defines "f \ \n\nat. RS_seq(n,\,leq,p,enum,\)" and "Q(q,k,m) \ enum`m\ q \ enum`m \ \ ` k" - assumes "n\nat" "p\P" "P \ range(enum)" "enum:nat\M" + assumes "n\nat" "p\\" "\ \ range(enum)" "enum:nat\M" shows - "f`0 = p" "f`succ(n)\ f`n \ f`succ(n) \ \ ` n" "f`succ(n) \ P" + "f`0 = p" "f`succ(n)\ f`n \ f`succ(n) \ \ ` n" "f`succ(n) \ \" proof - from assms show "f`0 = p" by simp { fix x k - assume "x\P" "k\nat" + assume "x\\" "k\nat" then - have "\q\P. q\ x \ q \ \ ` k" + have "\q\\. q\ x \ q \ \ ` k" using seq_of_denses apply_funtype[OF countable_subs_of_P] unfolding dense_def by blast } with assms - show "f`succ(n)\ f`n \ f`succ(n) \ \ ` n" "f`succ(n)\P" + show "f`succ(n)\ f`n \ f`succ(n) \ \ ` n" "f`succ(n)\\" unfolding f_def using countable_RS_sequence_aux by simp_all qed lemma RS_seq_type: - assumes "n \ nat" "p\P" "P \ range(enum)" "enum:nat\M" - shows "RS_seq(n,P,leq,p,enum,\) \ P" + assumes "n \ nat" "p\\" "\ \ range(enum)" "enum:nat\M" + shows "RS_seq(n,\,leq,p,enum,\) \ \" using assms countable_RS_sequence(1,3) by (induct;simp) lemma RS_seq_funtype: - assumes "p\P" "P \ range(enum)" "enum:nat\M" - shows "(\n\nat. RS_seq(n,P,leq,p,enum,\)): nat \ P" + assumes "p\\" "\ \ range(enum)" "enum:nat\M" + shows "(\n\nat. RS_seq(n,\,leq,p,enum,\)): nat \ \" using assms lam_type RS_seq_type by auto lemmas countable_rasiowa_sikorski = RS_sequence_imp_rasiowa_sikorski[OF _ RS_seq_funtype countable_RS_sequence(1,2)] end \ \\<^locale>\countable_generic\\ end diff --git a/thys/Independence_CH/Forcing_Theorems.thy b/thys/Independence_CH/Forcing_Theorems.thy --- a/thys/Independence_CH/Forcing_Theorems.thy +++ b/thys/Independence_CH/Forcing_Theorems.thy @@ -1,1528 +1,1528 @@ section\The Forcing Theorems\ theory Forcing_Theorems imports Cohen_Posets_Relative Forces_Definition Names begin context forcing_data1 begin subsection\The forcing relation in context\ lemma separation_forces : assumes fty: "\\formula" and far: "arity(\)\length(env)" and envty: "env\list(M)" shows "separation(##M,\p. (p \ \ env))" using separation_ax arity_forces far fty envty arity_forces_le - transitivity[of _ P] + transitivity[of _ \] by simp lemma Collect_forces : assumes "\\formula" and "arity(\)\length(env)" and "env\list(M)" shows - "{p\P . p \ \ env} \ M" + "{p\\ . p \ \ env} \ M" using assms separation_forces separation_closed by simp -lemma forces_mem_iff_dense_below: "p\P \ p forces\<^sub>a (t1 \ t2) \ dense_below( - {q\P. \s. \r. r\P \ \s,r\ \ t2 \ q\r \ q forces\<^sub>a (t1 = s)} +lemma forces_mem_iff_dense_below: "p\\ \ p forces\<^sub>a (t1 \ t2) \ dense_below( + {q\\. \s. \r. r\\ \ \s,r\ \ t2 \ q\r \ q forces\<^sub>a (t1 = s)} ,p)" using def_forces_mem[of p t1 t2] by blast subsection\Kunen 2013, Lemma IV.2.37(a)\ lemma strengthening_eq: - assumes "p\P" "r\P" "r\p" "p forces\<^sub>a (t1 = t2)" + assumes "p\\" "r\\" "r\p" "p forces\<^sub>a (t1 = t2)" shows "r forces\<^sub>a (t1 = t2)" using assms def_forces_eq[of _ t1 t2] leq_transD by blast (* Long proof *) (* proof - { fix s q - assume "q\ r" "q\P" + assume "q\ r" "q\\" with assms have "q\p" using leq_preord unfolding preorder_on_def trans_on_def by blast moreover - note \q\P\ assms + note \q\\\ assms moreover assume "s\domain(t1) \ domain(t2)" ultimately have "q forces\<^sub>a ( s \ t1) \ q forces\<^sub>a ( s \ t2)" using def_forces_eq[of p t1 t2] by simp } - with \r\P\ + with \r\\\ show ?thesis using def_forces_eq[of r t1 t2] by blast qed *) subsection\Kunen 2013, Lemma IV.2.37(a)\ lemma strengthening_mem: - assumes "p\P" "r\P" "r\p" "p forces\<^sub>a (t1 \ t2)" + assumes "p\\" "r\\" "r\p" "p forces\<^sub>a (t1 \ t2)" shows "r forces\<^sub>a (t1 \ t2)" using assms forces_mem_iff_dense_below dense_below_under by auto subsection\Kunen 2013, Lemma IV.2.37(b)\ lemma density_mem: - assumes "p\P" - shows "p forces\<^sub>a (t1 \ t2) \ dense_below({q\P. q forces\<^sub>a (t1 \ t2)},p)" + assumes "p\\" + shows "p forces\<^sub>a (t1 \ t2) \ dense_below({q\\. q forces\<^sub>a (t1 \ t2)},p)" proof assume "p forces\<^sub>a (t1 \ t2)" with assms - show "dense_below({q\P. q forces\<^sub>a (t1 \ t2)},p)" + show "dense_below({q\\. q forces\<^sub>a (t1 \ t2)},p)" using forces_mem_iff_dense_below strengthening_mem[of p] ideal_dense_below by auto next - assume "dense_below({q \ P . q forces\<^sub>a ( t1 \ t2)}, p)" + assume "dense_below({q \ \ . q forces\<^sub>a ( t1 \ t2)}, p)" with assms - have "dense_below({q\P. - dense_below({q'\P. \s r. r \ P \ \s,r\\t2 \ q'\r \ q' forces\<^sub>a (t1 = s)},q) + have "dense_below({q\\. + dense_below({q'\\. \s r. r \ \ \ \s,r\\t2 \ q'\r \ q' forces\<^sub>a (t1 = s)},q) },p)" using forces_mem_iff_dense_below by simp with assms show "p forces\<^sub>a (t1 \ t2)" using dense_below_dense_below forces_mem_iff_dense_below[of p t1 t2] by blast qed lemma aux_density_eq: assumes "dense_below( - {q'\P. \q. q\P \ q\q' \ q forces\<^sub>a (s \ t1) \ q forces\<^sub>a (s \ t2)} + {q'\\. \q. q\\ \ q\q' \ q forces\<^sub>a (s \ t1) \ q forces\<^sub>a (s \ t2)} ,p)" - "q forces\<^sub>a (s \ t1)" "q\P" "p\P" "q\p" + "q forces\<^sub>a (s \ t1)" "q\\" "p\\" "q\p" shows - "dense_below({r\P. r forces\<^sub>a (s \ t2)},q)" + "dense_below({r\\. r forces\<^sub>a (s \ t2)},q)" proof fix r - assume "r\P" "r\q" - moreover from this and \p\P\ \q\p\ \q\P\ + assume "r\\" "r\q" + moreover from this and \p\\\ \q\p\ \q\\\ have "r\p" using leq_transD by simp moreover - note \q forces\<^sub>a (s \ t1)\ \dense_below(_,p)\ \q\P\ + note \q forces\<^sub>a (s \ t1)\ \dense_below(_,p)\ \q\\\ ultimately - obtain q1 where "q1\r" "q1\P" "q1 forces\<^sub>a (s \ t2)" + obtain q1 where "q1\r" "q1\\" "q1 forces\<^sub>a (s \ t2)" using strengthening_mem[of q _ s t1] refl_leq leq_transD[of _ r q] by blast then - show "\d\{r \ P . r forces\<^sub>a ( s \ t2)}. d \ P \ d\ r" + show "\d\{r \ \ . r forces\<^sub>a ( s \ t2)}. d \ \ \ d\ r" by blast qed (* Kunen 2013, Lemma IV.2.37(b) *) lemma density_eq: - assumes "p\P" - shows "p forces\<^sub>a (t1 = t2) \ dense_below({q\P. q forces\<^sub>a (t1 = t2)},p)" + assumes "p\\" + shows "p forces\<^sub>a (t1 = t2) \ dense_below({q\\. q forces\<^sub>a (t1 = t2)},p)" proof assume "p forces\<^sub>a (t1 = t2)" - with \p\P\ - show "dense_below({q\P. q forces\<^sub>a (t1 = t2)},p)" + with \p\\\ + show "dense_below({q\\. q forces\<^sub>a (t1 = t2)},p)" using strengthening_eq ideal_dense_below by auto next - assume "dense_below({q\P. q forces\<^sub>a (t1 = t2)},p)" + assume "dense_below({q\\. q forces\<^sub>a (t1 = t2)},p)" { fix s q - let ?D1="{q'\P. \s\domain(t1) \ domain(t2). \q. q \ P \ q\q' \ + let ?D1="{q'\\. \s\domain(t1) \ domain(t2). \q. q \ \ \ q\q' \ q forces\<^sub>a (s \ t1)\q forces\<^sub>a (s \ t2)}" - let ?D2="{q'\P. \q. q\P \ q\q' \ q forces\<^sub>a (s \ t1) \ q forces\<^sub>a (s \ t2)}" + let ?D2="{q'\\. \q. q\\ \ q\q' \ q forces\<^sub>a (s \ t1) \ q forces\<^sub>a (s \ t2)}" assume "s\domain(t1) \ domain(t2)" then have "?D1\?D2" by blast with \dense_below(_,p)\ - have "dense_below({q'\P. \s\domain(t1) \ domain(t2). \q. q \ P \ q\q' \ + have "dense_below({q'\\. \s\domain(t1) \ domain(t2). \q. q \ \ \ q\q' \ q forces\<^sub>a (s \ t1)\q forces\<^sub>a (s \ t2)},p)" - using dense_below_cong'[OF \p\P\ def_forces_eq[of _ t1 t2]] by simp - with \p\P\ \?D1\?D2\ - have "dense_below({q'\P. \q. q\P \ q\q' \ + using dense_below_cong'[OF \p\\\ def_forces_eq[of _ t1 t2]] by simp + with \p\\\ \?D1\?D2\ + have "dense_below({q'\\. \q. q\\ \ q\q' \ q forces\<^sub>a (s \ t1) \ q forces\<^sub>a (s \ t2)},p)" using dense_below_mono by simp moreover from this (* Automatic tools can't handle this symmetry in order to apply aux_density_eq below *) - have "dense_below({q'\P. \q. q\P \ q\q' \ + have "dense_below({q'\\. \q. q\\ \ q\q' \ q forces\<^sub>a (s \ t2) \ q forces\<^sub>a (s \ t1)},p)" by blast moreover - assume "q \ P" "q\p" + assume "q \ \" "q\p" moreover - note \p\P\ + note \p\\\ ultimately (*We can omit the next step but it is slower *) - have "q forces\<^sub>a (s \ t1) \ dense_below({r\P. r forces\<^sub>a (s \ t2)},q)" - "q forces\<^sub>a (s \ t2) \ dense_below({r\P. r forces\<^sub>a (s \ t1)},q)" + have "q forces\<^sub>a (s \ t1) \ dense_below({r\\. r forces\<^sub>a (s \ t2)},q)" + "q forces\<^sub>a (s \ t2) \ dense_below({r\\. r forces\<^sub>a (s \ t1)},q)" using aux_density_eq by simp_all then have "q forces\<^sub>a ( s \ t1) \ q forces\<^sub>a ( s \ t2)" - using density_mem[OF \q\P\] by blast + using density_mem[OF \q\\\] by blast } - with \p\P\ + with \p\\\ show "p forces\<^sub>a (t1 = t2)" using def_forces_eq by blast qed subsection\Kunen 2013, Lemma IV.2.38\ lemma not_forces_neq: - assumes "p\P" - shows "p forces\<^sub>a (t1 = t2) \ \ (\q\P. q\p \ q forces\<^sub>a (t1 \ t2))" + assumes "p\\" + shows "p forces\<^sub>a (t1 = t2) \ \ (\q\\. q\p \ q forces\<^sub>a (t1 \ t2))" using assms density_eq unfolding forces_neq_def by blast lemma not_forces_nmem: - assumes "p\P" - shows "p forces\<^sub>a (t1 \ t2) \ \ (\q\P. q\p \ q forces\<^sub>a (t1 \ t2))" + assumes "p\\" + shows "p forces\<^sub>a (t1 \ t2) \ \ (\q\\. q\p \ q forces\<^sub>a (t1 \ t2))" using assms density_mem unfolding forces_nmem_def by blast subsection\The relation of forcing and atomic formulas\ lemma Forces_Equal: assumes - "p\P" "t1\M" "t2\M" "env\list(M)" "nth(n,env) = t1" "nth(m,env) = t2" "n\nat" "m\nat" + "p\\" "t1\M" "t2\M" "env\list(M)" "nth(n,env) = t1" "nth(m,env) = t2" "n\nat" "m\nat" shows "(p \ Equal(n,m) env) \ p forces\<^sub>a (t1 = t2)" using assms sats_forces_Equal forces_eq_abs transitivity by simp lemma Forces_Member: assumes - "p\P" "t1\M" "t2\M" "env\list(M)" "nth(n,env) = t1" "nth(m,env) = t2" "n\nat" "m\nat" + "p\\" "t1\M" "t2\M" "env\list(M)" "nth(n,env) = t1" "nth(m,env) = t2" "n\nat" "m\nat" shows "(p \ Member(n,m) env) \ p forces\<^sub>a (t1 \ t2)" using assms sats_forces_Member forces_mem_abs transitivity by simp lemma Forces_Neg: assumes - "p\P" "env \ list(M)" "\\formula" + "p\\" "env \ list(M)" "\\formula" shows - "(p \ Neg(\) env) \ \(\q\M. q\P \ q\p \ (q \ \ env))" + "(p \ Neg(\) env) \ \(\q\M. q\\ \ q\p \ (q \ \ env))" using assms sats_forces_Neg transitivity pair_in_M_iff leq_abs by simp subsection\The relation of forcing and connectives\ lemma Forces_Nand: assumes - "p\P" "env \ list(M)" "\\formula" "\\formula" + "p\\" "env \ list(M)" "\\formula" "\\formula" shows - "(p \ Nand(\,\) env) \ \(\q\M. q\P \ q\p \ (q \ \ env) \ (q \ \ env))" + "(p \ Nand(\,\) env) \ \(\q\M. q\\ \ q\p \ (q \ \ env) \ (q \ \ env))" using assms sats_forces_Nand transitivity pair_in_M_iff leq_abs by simp lemma Forces_And_aux: assumes - "p\P" "env \ list(M)" "\\formula" "\\formula" + "p\\" "env \ list(M)" "\\formula" "\\formula" shows "p \ And(\,\) env \ - (\q\M. q\P \ q\p \ (\r\M. r\P \ r\q \ (r \ \ env) \ (r \ \ env)))" + (\q\M. q\\ \ q\p \ (\r\M. r\\ \ r\q \ (r \ \ env) \ (r \ \ env)))" unfolding And_def using assms Forces_Neg Forces_Nand by (auto simp only:) lemma Forces_And_iff_dense_below: assumes - "p\P" "env \ list(M)" "\\formula" "\\formula" + "p\\" "env \ list(M)" "\\formula" "\\formula" shows - "(p \ And(\,\) env) \ dense_below({r\P. (r \ \ env) \ (r \ \ env) },p)" + "(p \ And(\,\) env) \ dense_below({r\\. (r \ \ env) \ (r \ \ env) },p)" unfolding dense_below_def using Forces_And_aux assms by (auto dest:transitivity[OF _ P_in_M]; rename_tac q; drule_tac x=q in bspec)+ lemma Forces_Forall: assumes - "p\P" "env \ list(M)" "\\formula" + "p\\" "env \ list(M)" "\\formula" shows "(p \ Forall(\) env) \ (\x\M. (p \ \ ([x] @ env)))" using sats_forces_Forall assms transitivity[OF _ P_in_M] by simp (* "x\val(G,\) \ \\. \p\G. \\,p\\\ \ val(G,\) = x" *) bundle some_rules = elem_of_val_pair [dest] context includes some_rules begin -lemma elem_of_valI: "\\. \p\P. p\G \ \\,p\\\ \ val(G,\) = x \ x\val(G,\)" +lemma elem_of_valI: "\\. \p\\. p\G \ \\,p\\\ \ val(G,\) = x \ x\val(G,\)" by (subst def_val, auto) lemma GenExt_iff: "x\M[G] \ (\\\M. x = val(G,\))" unfolding GenExt_def by simp end end context G_generic1 begin subsection\Kunen 2013, Lemma IV.2.29\ lemma generic_inter_dense_below: assumes "D\M" "dense_below(D,p)" "p\G" shows "D \ G \ 0" proof - - let ?D="{q\P. p\q \ q\D}" + let ?D="{q\\. p\q \ q\D}" have "dense(?D)" proof fix r - assume "r\P" - show "\d\{q \ P . p \ q \ q \ D}. d \ r" + assume "r\\" + show "\d\{q \ \ . p \ q \ q \ D}. d \ r" proof (cases "p \ r") case True - with \r\P\ + with \r\\\ (* Automatic tools can't handle this case for some reason... *) show ?thesis using refl_leq[of r] by (intro bexI) (blast+) next case False then - obtain s where "s\P" "s\p" "s\r" by blast - with assms \r\P\ + obtain s where "s\\" "s\p" "s\r" by blast + with assms \r\\\ show ?thesis using dense_belowD[OF assms(2), of s] leq_transD[of _ s r] by blast qed qed - have "?D\P" by auto + have "?D\\" by auto let ?d_fm="\\\compat_in_fm(1, 2, 3, 0) \ \ \0 \ 4\\" from \p\G\ have "p\M" using G_subset_M subsetD by simp moreover have "?d_fm\formula" by simp moreover have "arity(?d_fm) = 5" by (auto simp add: arity) moreover from \D\M\ \p\M\ - have "(M, [q,P,leq,p,D] \ ?d_fm) \ (\ is_compat_in(##M,P,leq,p,q) \ q\D)" + have "(M, [q,\,leq,p,D] \ ?d_fm) \ (\ is_compat_in(##M,\,leq,p,q) \ q\D)" if "q\M" for q using that sats_compat_in_fm zero_in_M by simp moreover from \p\M\ - have "(\ is_compat_in(##M,P,leq,p,q) \ q\D) \ p\q \ q\D" if "q\M" for q + have "(\ is_compat_in(##M,\,leq,p,q) \ q\D) \ p\q \ q\D" if "q\M" for q unfolding compat_def using that compat_in_abs by simp ultimately have "?D\M" - using Collect_in_M[of ?d_fm "[P,leq,p,D]"] \D\M\ + using Collect_in_M[of ?d_fm "[\,leq,p,D]"] \D\M\ by simp - note asm = \dense(?D)\ \?D\P\ \?D\M\ + note asm = \dense(?D)\ \?D\\\ \?D\M\ obtain x where "x\G" "x\?D" using M_generic_denseD[OF asm] by force (* by (erule bexE) does it, but the other automatic tools don't *) moreover from this have "x\D" using M_generic_compatD[OF _ \p\G\, of x] refl_leq compatI[of _ p x] by force ultimately show ?thesis by auto qed subsection\Auxiliary results for Lemma IV.2.40(a)\ lemma (in forcing_data1) IV240a_mem_Collect: assumes "\\M" "\\M" shows - "{q\P. \\. \r. r\P \ \\,r\ \ \ \ q\r \ q forces\<^sub>a (\ = \)}\M" + "{q\\. \\. \r. r\\ \ \\,r\ \ \ \ q\r \ q forces\<^sub>a (\ = \)}\M" proof - let ?rel_pred= "\M x a1 a2 a3 a4. \\[M]. \r[M]. \\r[M]. r\a1 \ pair(M,\,r,\r) \ \r\a4 \ is_leq(M,a2,x,r) \ is_forces_eq'(M,a1,a2,x,a3,\)" let ?\="Exists(Exists(Exists(And(Member(1,4),And(pair_fm(2,1,0), And(Member(0,7),And(is_leq_fm(5,3,1),forces_eq_fm(4,5,3,6,2))))))))" have "\\M \ r\M" if "\\, r\ \ \" for \ r using that \\\M\ pair_in_M_iff transitivity[of "\\,r\" \] by simp then - have "?rel_pred(##M,q,P,leq,\,\) \ (\\. \r. r\P \ \\,r\ \ \ \ q\r \ q forces\<^sub>a (\ = \))" + have "?rel_pred(##M,q,\,leq,\,\) \ (\\. \r. r\\ \ \\,r\ \ \ \ q\r \ q forces\<^sub>a (\ = \))" if "q\M" for q unfolding forces_eq_def using assms that leq_abs forces_eq'_abs pair_in_M_iff by auto moreover - have "(M, [q,P,leq,\,\] \ ?\) \ ?rel_pred(##M,q,P,leq,\,\)" if "q\M" for q + have "(M, [q,\,leq,\,\] \ ?\) \ ?rel_pred(##M,q,\,leq,\,\)" if "q\M" for q using assms that sats_forces_eq_fm sats_is_leq_fm zero_in_M by simp moreover have "?\\formula" by simp moreover have "arity(?\)=5" using arity_forces_eq_fm by (simp add:ord_simp_union arity) ultimately show ?thesis - unfolding forces_eq_def using assms Collect_in_M[of ?\ "[P,leq,\,\]"] + unfolding forces_eq_def using assms Collect_in_M[of ?\ "[\,leq,\,\]"] by simp qed (* Lemma IV.2.40(a), membership *) lemma IV240a_mem: assumes "p\G" "\\M" "\\M" "p forces\<^sub>a (\ \ \)" - "\q \. q\P \ q\G \ \\domain(\) \ q forces\<^sub>a (\ = \) \ + "\q \. q\\ \ q\G \ \\domain(\) \ q forces\<^sub>a (\ = \) \ val(G,\) = val(G,\)" (* inductive hypothesis *) shows "val(G,\)\val(G,\)" proof (intro elem_of_valI) - let ?D="{q\P. \\. \r. r\P \ \\,r\ \ \ \ q\r \ q forces\<^sub>a (\ = \)}" + let ?D="{q\\. \\. \r. r\\ \ \\,r\ \ \ \ q\r \ q forces\<^sub>a (\ = \)}" from \p\G\ - have "p\P" by blast + have "p\\" by blast moreover note \\\M\ \\\M\ ultimately have "?D \ M" using IV240a_mem_Collect by simp - moreover from assms \p\P\ + moreover from assms \p\\\ have "dense_below(?D,p)" using forces_mem_iff_dense_below by simp moreover note \p\G\ ultimately obtain q where "q\G" "q\?D" using generic_inter_dense_below[of ?D p] by blast then - obtain \ r where "r\P" "\\,r\ \ \" "q\r" "q forces\<^sub>a (\ = \)" by blast + obtain \ r where "r\\" "\\,r\ \ \" "q\r" "q forces\<^sub>a (\ = \)" by blast moreover from this and \q\G\ assms have "r \ G" "val(G,\) = val(G,\)" by blast+ ultimately - show "\ \. \p\P. p \ G \ \\, p\ \ \ \ val(G, \) = val(G, \)" by auto + show "\ \. \p\\. p \ G \ \\, p\ \ \ \ val(G, \) = val(G, \)" by auto qed (* Example IV.2.36 (next two lemmas) *) -lemma refl_forces_eq:"p\P \ p forces\<^sub>a (x = x)" +lemma refl_forces_eq:"p\\ \ p forces\<^sub>a (x = x)" using def_forces_eq by simp -lemma forces_memI: "\\,r\\\ \ p\P \ r\P \ p\r \ p forces\<^sub>a (\ \ \)" +lemma forces_memI: "\\,r\\\ \ p\\ \ r\\ \ p\r \ p forces\<^sub>a (\ \ \)" using refl_forces_eq[of _ \] leq_transD refl_leq by (blast intro:forces_mem_iff_dense_below[THEN iffD2]) (* Lemma IV.2.40(a), equality, first inclusion *) lemma IV240a_eq_1st_incl: includes some_rules assumes "p\G" "p forces\<^sub>a (\ = \)" and - IH:"\q \. q\P \ q\G \ \\domain(\) \ domain(\) \ + IH:"\q \. q\\ \ q\G \ \\domain(\) \ domain(\) \ (q forces\<^sub>a (\ \ \) \ val(G,\) \ val(G,\)) \ (q forces\<^sub>a (\ \ \) \ val(G,\) \ val(G,\))" (* Strong enough for this case: *) - (* IH:"\q \. q\P \ \\domain(\) \ q forces\<^sub>a (\ \ \) \ + (* IH:"\q \. q\\ \ \\domain(\) \ q forces\<^sub>a (\ \ \) \ val(G,\) \ val(G,\)" *) shows "val(G,\) \ val(G,\)" proof fix x assume "x\val(G,\)" then obtain \ r where "\\,r\\\" "r\G" "val(G,\)=x" by blast moreover from this and \p\G\ obtain q where "q\G" "q\p" "q\r" by force moreover from this and \p\G\ - have "q\P" "p\P" by blast+ + have "q\\" "p\\" by blast+ moreover from calculation have "q forces\<^sub>a (\ \ \)" using forces_memI by auto moreover note \p forces\<^sub>a (\ = \)\ ultimately have "q forces\<^sub>a (\ \ \)" using def_forces_eq by auto - with \q\P\ \q\G\ IH[of q \] \\\,r\\\\ \val(G,\) = x\ + with \q\\\ \q\G\ IH[of q \] \\\,r\\\\ \val(G,\) = x\ show "x\val(G,\)" by blast qed -(* Lemma IV.2.40(a), equality, second inclusion--- COPY-PASTE *) +(* Lemma IV.2.40(a), equality, second inclusion--- CO\Y-\ASTE *) lemma IV240a_eq_2nd_incl: includes some_rules assumes "p\G" "p forces\<^sub>a (\ = \)" and - IH:"\q \. q\P \ q\G \ \\domain(\) \ domain(\) \ + IH:"\q \. q\\ \ q\G \ \\domain(\) \ domain(\) \ (q forces\<^sub>a (\ \ \) \ val(G,\) \ val(G,\)) \ (q forces\<^sub>a (\ \ \) \ val(G,\) \ val(G,\))" shows "val(G,\) \ val(G,\)" proof fix x assume "x\val(G,\)" then obtain \ r where "\\,r\\\" "r\G" "val(G,\)=x" by blast moreover from this and \p\G\ obtain q where "q\G" "q\p" "q\r" by force moreover from this and \p\G\ - have "q\P" "p\P" by blast+ + have "q\\" "p\\" by blast+ moreover from calculation have "q forces\<^sub>a (\ \ \)" using forces_memI by auto moreover note \p forces\<^sub>a (\ = \)\ ultimately have "q forces\<^sub>a (\ \ \)" using def_forces_eq by auto - with \q\P\ \q\G\ IH[of q \] \\\,r\\\\ \val(G,\) = x\ + with \q\\\ \q\G\ IH[of q \] \\\,r\\\\ \val(G,\) = x\ show "x\val(G,\)" by blast qed -(* Lemma IV.2.40(a), equality, second inclusion--- COPY-PASTE *) +(* Lemma IV.2.40(a), equality, second inclusion--- CO\Y-\ASTE *) lemma IV240a_eq: includes some_rules assumes "p\G" "p forces\<^sub>a (\ = \)" and - IH:"\q \. q\P \ q\G \ \\domain(\) \ domain(\) \ + IH:"\q \. q\\ \ q\G \ \\domain(\) \ domain(\) \ (q forces\<^sub>a (\ \ \) \ val(G,\) \ val(G,\)) \ (q forces\<^sub>a (\ \ \) \ val(G,\) \ val(G,\))" shows "val(G,\) = val(G,\)" using IV240a_eq_1st_incl[OF assms] IV240a_eq_2nd_incl[OF assms] IH by blast subsection\Induction on names\ lemma (in forcing_data1) core_induction: assumes - "\\ \ p. p \ P \ \\q \. \q\P ; \\domain(\)\ \ Q(0,\,\,q)\ \ Q(1,\,\,p)" - "\\ \ p. p \ P \ \\q \. \q\P ; \\domain(\) \ domain(\)\ \ Q(1,\,\,q) \ Q(1,\,\,q)\ \ Q(0,\,\,p)" - "ft \ 2" "p \ P" + "\\ \ p. p \ \ \ \\q \. \q\\ ; \\domain(\)\ \ Q(0,\,\,q)\ \ Q(1,\,\,p)" + "\\ \ p. p \ \ \ \\q \. \q\\ ; \\domain(\) \ domain(\)\ \ Q(1,\,\,q) \ Q(1,\,\,q)\ \ Q(0,\,\,p)" + "ft \ 2" "p \ \" shows "Q(ft,\,\,p)" proof - { fix ft p \ \ have "Transset(eclose({\,\}))" (is "Transset(?e)") using Transset_eclose by simp have "\ \ ?e" "\ \ ?e" using arg_into_eclose by simp_all moreover - assume "ft \ 2" "p \ P" + assume "ft \ 2" "p \ \" ultimately - have "\ft,\,\,p\\ 2\?e\?e\P" (is "?a\2\?e\?e\P") by simp + have "\ft,\,\,p\\ 2\?e\?e\\" (is "?a\2\?e\?e\\") by simp then have "Q(ftype(?a), name1(?a), name2(?a), cond_of(?a))" - using core_induction_aux[of ?e P Q ?a,OF \Transset(?e)\ assms(1,2) \?a\_\] + using core_induction_aux[of ?e \ Q ?a,OF \Transset(?e)\ assms(1,2) \?a\_\] by (clarify) (blast) then have "Q(ft,\,\,p)" by (simp add:components_simp) } then show ?thesis using assms by simp qed lemma (in forcing_data1) forces_induction_with_conds: assumes - "\\ \ p. p \ P \ \\q \. \q\P ; \\domain(\)\ \ Q(q,\,\)\ \ R(p,\,\)" - "\\ \ p. p \ P \ \\q \. \q\P ; \\domain(\) \ domain(\)\ \ R(q,\,\) \ R(q,\,\)\ \ Q(p,\,\)" - "p \ P" + "\\ \ p. p \ \ \ \\q \. \q\\ ; \\domain(\)\ \ Q(q,\,\)\ \ R(p,\,\)" + "\\ \ p. p \ \ \ \\q \. \q\\ ; \\domain(\) \ domain(\)\ \ R(q,\,\) \ R(q,\,\)\ \ Q(p,\,\)" + "p \ \" shows "Q(p,\,\) \ R(p,\,\)" proof - let ?Q="\ft \ \ p. (ft = 0 \ Q(p,\,\)) \ (ft = 1 \ R(p,\,\))" from assms(1) - have "\\ \ p. p \ P \ \\q \. \q\P ; \\domain(\)\ \ ?Q(0,\,\,q)\ \ ?Q(1,\,\,p)" + have "\\ \ p. p \ \ \ \\q \. \q\\ ; \\domain(\)\ \ ?Q(0,\,\,q)\ \ ?Q(1,\,\,p)" by simp moreover from assms(2) - have "\\ \ p. p \ P \ \\q \. \q\P ; \\domain(\) \ domain(\)\ \ ?Q(1,\,\,q) \ ?Q(1,\,\,q)\ \ ?Q(0,\,\,p)" + have "\\ \ p. p \ \ \ \\q \. \q\\ ; \\domain(\) \ domain(\)\ \ ?Q(1,\,\,q) \ ?Q(1,\,\,q)\ \ ?Q(0,\,\,p)" by simp moreover - note \p\P\ + note \p\\\ ultimately have "?Q(ft,\,\,p)" if "ft\2" for ft by (rule core_induction[OF _ _ that, of ?Q]) then show ?thesis by auto qed lemma (in forcing_data1) forces_induction: assumes "\\ \. \\\. \\domain(\) \ Q(\,\)\ \ R(\,\)" "\\ \. \\\. \\domain(\) \ domain(\) \ R(\,\) \ R(\,\)\ \ Q(\,\)" shows "Q(\,\) \ R(\,\)" proof (intro forces_induction_with_conds[OF _ _ one_in_P ]) fix \ \ p - assume "q \ P \ \ \ domain(\) \ Q(\, \)" for q \ + assume "q \ \ \ \ \ domain(\) \ Q(\, \)" for q \ with assms(1) show "R(\,\)" using one_in_P by simp next fix \ \ p - assume "q \ P \ \ \ domain(\) \ domain(\) \ R(\,\) \ R(\,\)" for q \ + assume "q \ \ \ \ \ domain(\) \ domain(\) \ R(\,\) \ R(\,\)" for q \ with assms(2) show "Q(\,\)" using one_in_P by simp qed subsection\Lemma IV.2.40(a), in full\ lemma IV240a: shows "(\\M \ \\M \ (\p\G. p forces\<^sub>a (\ = \) \ val(G,\) = val(G,\))) \ (\\M \ \\M \ (\p\G. p forces\<^sub>a (\ \ \) \ val(G,\) \ val(G,\)))" (is "?Q(\,\) \ ?R(\,\)") proof (intro forces_induction[of ?Q ?R] impI) fix \ \ assume "\\M" "\\M" "\\domain(\) \ ?Q(\,\)" for \ moreover from this have "\\domain(\) \ q forces\<^sub>a (\ = \) \ val(G, \) = val(G, \)" - if "q\P" "q\G" for q \ + if "q\\" "q\G" for q \ using that domain_closed[of \] transitivity by auto ultimately show "\p\G. p forces\<^sub>a (\ \ \) \ val(G,\) \ val(G,\)" using IV240a_mem domain_closed transitivity by simp next fix \ \ assume "\\M" "\\M" and d:"\ \ domain(\) \ domain(\) \ ?R(\,\) \ ?R(\,\)" for \ moreover from this have IH':"(q forces\<^sub>a (\ \ \) \ val(G, \) \ val(G, \)) \ (q forces\<^sub>a (\ \ \) \ val(G, \) \ val(G, \))" if "\ \ domain(\) \ domain(\)" "q\G" for q \ proof - from d that have A:"?R(\,\)" "?R(\,\)" by auto from \\\_\ \\\M\ \q\G\ \\\_\ show ?thesis using transitivity[of \] domain_closed A[rule_format,of q] by auto qed show "\p\G. p forces\<^sub>a (\ = \) \ val(G,\) = val(G,\)" using IV240a_eq[OF _ _ IH'] by simp qed subsection\Lemma IV.2.40(b)\ (* Lemma IV.2.40(b), membership *) lemma IV240b_mem: includes some_rules assumes "val(G,\)\val(G,\)" "\\M" "\\M" and IH:"\\. \\domain(\) \ val(G,\) = val(G,\) \ \p\G. p forces\<^sub>a (\ = \)" (* inductive hypothesis *) shows "\p\G. p forces\<^sub>a (\ \ \)" proof - from \val(G,\)\val(G,\)\ obtain \ r where "r\G" "\\,r\\\" "val(G,\) = val(G,\)" by auto moreover from this and IH obtain p' where "p'\G" "p' forces\<^sub>a (\ = \)" by blast ultimately obtain p where "p\r" "p\p'" "p\G" "p forces\<^sub>a (\ = \)" using M_generic_compatD strengthening_eq[of p'] M_genericD by auto moreover from calculation - have "q forces\<^sub>a (\ = \)" if "q\P" "q\p" for q + have "q forces\<^sub>a (\ = \)" if "q\\" "q\p" for q using that strengthening_eq by blast moreover note \\\,r\\\\ \r\G\ ultimately - have "r\P \ \\,r\ \ \ \ q\r \ q forces\<^sub>a (\ = \)" if "q\P" "q\p" for q + have "r\\ \ \\,r\ \ \ \ q\r \ q forces\<^sub>a (\ = \)" if "q\\" "q\p" for q using that leq_transD[of _ p r] by blast then - have "dense_below({q\P. \s r. r\P \ \s,r\ \ \ \ q\r \ q forces\<^sub>a (\ = s)},p)" + have "dense_below({q\\. \s r. r\\ \ \s,r\ \ \ \ q\r \ q forces\<^sub>a (\ = s)},p)" using refl_leq by blast moreover note \p\G\ moreover from calculation have "p forces\<^sub>a (\ \ \)" using forces_mem_iff_dense_below by blast ultimately show ?thesis by blast qed end \ \\<^locale>\G_generic1\\ context forcing_data1 begin lemma Collect_forces_eq_in_M: assumes "\ \ M" "\ \ M" - shows "{p\P. p forces\<^sub>a (\ = \)} \ M" - using assms Collect_in_M[of "forces_eq_fm(1,2,0,3,4)" "[P,leq,\,\]"] + shows "{p\\. p forces\<^sub>a (\ = \)} \ M" + using assms Collect_in_M[of "forces_eq_fm(1,2,0,3,4)" "[\,leq,\,\]"] arity_forces_eq_fm sats_forces_eq_fm forces_eq_abs forces_eq_fm_type by (simp add: union_abs1 Un_commute) lemma IV240b_eq_Collects: assumes "\ \ M" "\ \ M" - shows "{p\P. \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)}\M" and - "{p\P. \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)}\M" + shows "{p\\. \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)}\M" and + "{p\\. \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)}\M" proof - let ?rel_pred="\M x a1 a2 a3 a4. \\[M]. \u[M]. \da3[M]. \da4[M]. is_domain(M,a3,da3) \ is_domain(M,a4,da4) \ union(M,da3,da4,u) \ \\u \ is_forces_mem'(M,a1,a2,x,\,a3) \ is_forces_nmem'(M,a1,a2,x,\,a4)" let ?\="Exists(Exists(Exists(Exists(And(domain_fm(7,1),And(domain_fm(8,0), And(union_fm(1,0,2),And(Member(3,2),And(forces_mem_fm(5,6,4,3,7), forces_nmem_fm(5,6,4,3,8))))))))))" have 1:"\\M" if "\\,y\\\" "\\M" for \ \ y using that pair_in_M_iff transitivity[of "\\,y\" \] by simp - have abs1:"?rel_pred(##M,p,P,leq,\,\) \ - (\\\domain(\) \ domain(\). forces_mem'(P,leq,p,\,\) \ forces_nmem'(P,leq,p,\,\))" + have abs1:"?rel_pred(##M,p,\,leq,\,\) \ + (\\\domain(\) \ domain(\). forces_mem'(\,leq,p,\,\) \ forces_nmem'(\,leq,p,\,\))" if "p\M" for p unfolding forces_mem_def forces_nmem_def using assms that forces_mem'_abs forces_nmem'_abs domain_closed Un_closed by (auto simp add:1[of _ _ \] 1[of _ _ \]) - have abs2:"?rel_pred(##M,p,P,leq,\,\) \ (\\\domain(\) \ domain(\). - forces_nmem'(P,leq,p,\,\) \ forces_mem'(P,leq,p,\,\))" if "p\M" for p + have abs2:"?rel_pred(##M,p,\,leq,\,\) \ (\\\domain(\) \ domain(\). + forces_nmem'(\,leq,p,\,\) \ forces_mem'(\,leq,p,\,\))" if "p\M" for p unfolding forces_mem_def forces_nmem_def using assms that forces_mem'_abs forces_nmem'_abs domain_closed Un_closed by (auto simp add:1[of _ _ \] 1[of _ _ \]) - have fsats1:"(M,[p,P,leq,\,\] \ ?\) \ ?rel_pred(##M,p,P,leq,\,\)" if "p\M" for p + have fsats1:"(M,[p,\,leq,\,\] \ ?\) \ ?rel_pred(##M,p,\,leq,\,\)" if "p\M" for p using that assms sats_forces_mem_fm sats_forces_nmem_fm zero_in_M domain_closed Un_closed by simp - have fsats2:"(M,[p,P,leq,\,\] \ ?\) \ ?rel_pred(##M,p,P,leq,\,\)" if "p\M" for p + have fsats2:"(M,[p,\,leq,\,\] \ ?\) \ ?rel_pred(##M,p,\,leq,\,\)" if "p\M" for p using that assms sats_forces_mem_fm sats_forces_nmem_fm zero_in_M domain_closed Un_closed by simp have fty:"?\\formula" by simp have farit:"arity(?\)=5" by (simp add:ord_simp_union arity) show - "{p \ P . \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)} \ M" - and "{p \ P . \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)} \ M" + "{p \ \ . \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)} \ M" + and "{p \ \ . \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)} \ M" unfolding forces_mem_def using abs1 fty fsats1 farit assms forces_nmem - Collect_in_M[of ?\ "[P,leq,\,\]"] + Collect_in_M[of ?\ "[\,leq,\,\]"] using abs2 fty fsats2 farit assms forces_nmem domain_closed Un_closed - Collect_in_M[of ?\ "[P,leq,\,\]"] + Collect_in_M[of ?\ "[\,leq,\,\]"] by simp_all qed end \ \\<^locale>\forcing_data1\\ context G_generic1 begin (* Lemma IV.2.40(b), equality *) lemma IV240b_eq: includes some_rules assumes "val(G,\) = val(G,\)" "\\M" "\\M" and IH:"\\. \\domain(\)\domain(\) \ (val(G,\)\val(G,\) \ (\q\G. q forces\<^sub>a (\ \ \))) \ (val(G,\)\val(G,\) \ (\q\G. q forces\<^sub>a (\ \ \)))" (* inductive hypothesis *) shows "\p\G. p forces\<^sub>a (\ = \)" proof - - let ?D1="{p\P. p forces\<^sub>a (\ = \)}" - let ?D2="{p\P. \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)}" - let ?D3="{p\P. \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)}" + let ?D1="{p\\. p forces\<^sub>a (\ = \)}" + let ?D2="{p\\. \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)}" + let ?D3="{p\\. \\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)}" let ?D="?D1 \ ?D2 \ ?D3" note assms moreover from this have "domain(\) \ domain(\)\M" (is "?B\M") using domain_closed Un_closed by auto moreover from calculation have "?D2\M" and "?D3\M" using IV240b_eq_Collects by simp_all ultimately have "?D\M" using Collect_forces_eq_in_M Un_closed by auto moreover have "dense(?D)" proof fix p - assume "p\P" - have "\d\P. (d forces\<^sub>a (\ = \) \ + assume "p\\" + have "\d\\. (d forces\<^sub>a (\ = \) \ (\\\domain(\) \ domain(\). d forces\<^sub>a (\ \ \) \ d forces\<^sub>a (\ \ \)) \ (\\\domain(\) \ domain(\). d forces\<^sub>a (\ \ \) \ d forces\<^sub>a (\ \ \))) \ d \ p" proof (cases "p forces\<^sub>a (\ = \)") case True - with \p\P\ + with \p\\\ show ?thesis using refl_leq by blast next case False - moreover note \p\P\ + moreover note \p\\\ moreover from calculation - obtain \ q where "\\domain(\)\domain(\)" "q\P" "q\p" + obtain \ q where "\\domain(\)\domain(\)" "q\\" "q\p" "(q forces\<^sub>a (\ \ \) \ \ q forces\<^sub>a (\ \ \)) \ (\ q forces\<^sub>a (\ \ \) \ q forces\<^sub>a (\ \ \))" using def_forces_eq by blast moreover from this - obtain r where "r\q" "r\P" + obtain r where "r\q" "r\\" "(r forces\<^sub>a (\ \ \) \ r forces\<^sub>a (\ \ \)) \ (r forces\<^sub>a (\ \ \) \ r forces\<^sub>a (\ \ \))" using not_forces_nmem strengthening_mem by blast ultimately show ?thesis using leq_transD by blast qed then show "\d\?D . d \ p" by blast qed moreover - have "?D \ P" + have "?D \ \" by auto ultimately obtain p where "p\G" "p\?D" using M_generic_denseD[of ?D] by blast then consider (1) "p forces\<^sub>a (\ = \)" | (2) "\\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)" | (3) "\\\domain(\) \ domain(\). p forces\<^sub>a (\ \ \) \ p forces\<^sub>a (\ \ \)" by blast then show ?thesis proof (cases) case 1 with \p\G\ show ?thesis by blast next case 2 then obtain \ where "\\domain(\) \ domain(\)" "p forces\<^sub>a (\ \ \)" "p forces\<^sub>a (\ \ \)" by blast moreover from this and \p\G\ and assms have "val(G,\)\val(G,\)" using IV240a[of \ \] transitivity[OF _ domain_closed[simplified]] by force moreover note \val(G,\) = _\ ultimately obtain q where "q\G" "q forces\<^sub>a (\ \ \)" using IH[OF \\\_\] by auto moreover from this and \p\G\ - obtain r where "r\P" "r\p" "r\q" + obtain r where "r\\" "r\p" "r\q" by blast ultimately have "r forces\<^sub>a (\ \ \)" using strengthening_mem by blast - with \r\p\ \p forces\<^sub>a (\ \ \)\ \r\P\ + with \r\p\ \p forces\<^sub>a (\ \ \)\ \r\\\ have "False" unfolding forces_nmem_def by blast then show ?thesis by simp next (* copy-paste from case 2 mutatis mutandis*) case 3 then obtain \ where "\\domain(\) \ domain(\)" "p forces\<^sub>a (\ \ \)" "p forces\<^sub>a (\ \ \)" by blast moreover from this and \p\G\ and assms have "val(G,\)\val(G,\)" using IV240a[of \ \] transitivity[OF _ domain_closed[simplified]] by force moreover note \val(G,\) = _\ ultimately obtain q where "q\G" "q forces\<^sub>a (\ \ \)" using IH[OF \\\_\] by auto moreover from this and \p\G\ - obtain r where "r\P" "r\p" "r\q" + obtain r where "r\\" "r\p" "r\q" by blast ultimately have "r forces\<^sub>a (\ \ \)" using strengthening_mem by blast - with \r\p\ \p forces\<^sub>a (\ \ \)\ \r\P\ + with \r\p\ \p forces\<^sub>a (\ \ \)\ \r\\\ have "False" unfolding forces_nmem_def by blast then show ?thesis by simp qed qed (* Lemma IV.2.40(b), full *) lemma IV240b: "(\\M\\\M\val(G,\) = val(G,\) \ (\p\G. p forces\<^sub>a (\ = \))) \ (\\M\\\M\val(G,\) \ val(G,\) \ (\p\G. p forces\<^sub>a (\ \ \)))" (is "?Q(\,\) \ ?R(\,\)") proof (intro forces_induction) fix \ \ p assume "\\domain(\) \ ?Q(\, \)" for \ then show "?R(\, \)" using IV240b_mem domain_closed transitivity by simp next fix \ \ p assume "\ \ domain(\) \ domain(\) \ ?R(\,\) \ ?R(\,\)" for \ moreover from this have IH':"\\M \ \\M \ \ \ domain(\) \ domain(\) \ (val(G, \) \ val(G, \) \ (\q\G. q forces\<^sub>a (\ \ \))) \ (val(G, \) \ val(G, \) \ (\q\G. q forces\<^sub>a (\ \ \)))" for \ using domain_trans[OF trans_M] by blast ultimately show "?Q(\,\)" using IV240b_eq by auto qed lemma truth_lemma_mem: assumes "env\list(M)" "n\nat" "m\nat" "np\G. p \ Member(n,m) env) \ M[G], map(val(G),env) \ Member(n,m)" using assms IV240a[of "nth(n,env)" "nth(m,env)"] IV240b[of "nth(n,env)" "nth(m,env)"] M_genericD Forces_Member[of _ "nth(n,env)" "nth(m,env)" env n m] map_val_in_MG by auto lemma truth_lemma_eq: assumes "env\list(M)" "n\nat" "m\nat" "np\G. p \ Equal(n,m) env) \ M[G], map(val(G),env) \ Equal(n,m)" using assms IV240a(1)[of "nth(n,env)" "nth(m,env)"] IV240b(1)[of "nth(n,env)" "nth(m,env)"] M_genericD Forces_Equal[of _ "nth(n,env)" "nth(m,env)" env n m] map_val_in_MG by auto end \ \\<^locale>\G_generic1\\ lemma arities_at_aux: assumes "n \ nat" "m \ nat" "env \ list(M)" "succ(n) \ succ(m) \ length(env)" shows "n < length(env)" "m < length(env)" using assms succ_leE[OF Un_leD1, of n "succ(m)" "length(env)"] succ_leE[OF Un_leD2, of "succ(n)" m "length(env)"] by auto subsection\The Strenghtening Lemma\ context forcing_data1 begin lemma strengthening_lemma: assumes - "p\P" "\\formula" "r\P" "r\p" + "p\\" "\\formula" "r\\" "r\p" "env\list(M)" "arity(\)\length(env)" shows "p \ \ env \ r \ \ env" using assms(2-) proof (induct arbitrary:env) case (Member n m) then have "nlist(M)" moreover note assms Member ultimately show ?case using Forces_Member[of _ "nth(n,env)" "nth(m,env)" env n m] strengthening_mem[of p r "nth(n,env)" "nth(m,env)"] by simp next case (Equal n m) then have "nlist(M)" moreover note assms Equal ultimately show ?case using Forces_Equal[of _ "nth(n,env)" "nth(m,env)" env n m] strengthening_eq[of p r "nth(n,env)" "nth(m,env)"] by simp next case (Nand \ \) with assms show ?case using Forces_Nand transitivity[OF _ P_in_M] pair_in_M_iff transitivity[OF _ leq_in_M] leq_transD by auto next case (Forall \) with assms have "p \ \ ([x] @ env)" if "x\M" for x using that Forces_Forall by simp with Forall have "r \ \ ([x] @ env)" if "x\M" for x using that pred_le2 by (simp) with assms Forall show ?case using Forces_Forall by simp qed subsection\The Density Lemma\ lemma arity_Nand_le: assumes "\ \ formula" "\ \ formula" "arity(Nand(\, \)) \ length(env)" "env\list(A)" shows "arity(\) \ length(env)" "arity(\) \ length(env)" using assms by (rule_tac Un_leD1, rule_tac [5] Un_leD2, auto) lemma dense_below_imp_forces: assumes - "p\P" "\\formula" + "p\\" "\\formula" "env\list(M)" "arity(\)\length(env)" shows - "dense_below({q\P. (q \ \ env)},p) \ (p \ \ env)" + "dense_below({q\\. (q \ \ env)},p) \ (p \ \ env)" using assms(2-) proof (induct arbitrary:env) case (Member n m) then have "nlist(M)" moreover note assms Member ultimately show ?case using Forces_Member[of _ "nth(n,env)" "nth(m,env)" env n m] density_mem[of p "nth(n,env)" "nth(m,env)"] by simp next case (Equal n m) then have "nlist(M)" moreover note assms Equal ultimately show ?case using Forces_Equal[of _ "nth(n,env)" "nth(m,env)" env n m] density_eq[of p "nth(n,env)" "nth(m,env)"] by simp next case (Nand \ \) { fix q - assume "q\M" "q\P" "q\ p" "q \ \ env" + assume "q\M" "q\\" "q\ p" "q \ \ env" moreover note Nand moreover from calculation - obtain d where "d\P" "d \ Nand(\, \) env" "d\ q" + obtain d where "d\\" "d \ Nand(\, \) env" "d\ q" using dense_belowI by auto moreover from calculation have "\(d\ \ env)" if "d \ \ env" using that Forces_Nand refl_leq transitivity[OF _ P_in_M, of d] by auto moreover note arity_Nand_le[of \ \] moreover from calculation have "d \ \ env" using strengthening_lemma[of q \ d env] Un_leD1 by auto ultimately have "\ (q \ \ env)" using strengthening_lemma[of q \ d env] by auto } - with \p\P\ + with \p\\\ show ?case using Forces_Nand[symmetric, OF _ Nand(6,1,3)] by blast next case (Forall \) - have "dense_below({q\P. q \ \ ([a]@env)},p)" if "a\M" for a + have "dense_below({q\\. q \ \ ([a]@env)},p)" if "a\M" for a proof fix r - assume "r\P" "r\p" + assume "r\\" "r\p" with \dense_below(_,p)\ - obtain q where "q\P" "q\r" "q \ Forall(\) env" + obtain q where "q\\" "q\r" "q \ Forall(\) env" by blast moreover note Forall \a\M\ moreover from calculation have "q \ \ ([a]@env)" using Forces_Forall by simp ultimately - show "\d \ {q\P. q \ \ ([a]@env)}. d \ P \ d\r" + show "\d \ {q\\. q \ \ ([a]@env)}. d \ \ \ d\r" by auto qed moreover note Forall(2)[of "Cons(_,env)"] Forall(1,3-5) ultimately have "p \ \ ([a]@env)" if "a\M" for a using that pred_le2 by simp with assms Forall show ?case using Forces_Forall by simp qed lemma density_lemma: assumes - "p\P" "\\formula" "env\list(M)" "arity(\)\length(env)" + "p\\" "\\formula" "env\list(M)" "arity(\)\length(env)" shows - "p \ \ env \ dense_below({q\P. (q \ \ env)},p)" + "p \ \ env \ dense_below({q\\. (q \ \ env)},p)" proof - assume "dense_below({q\P. (q \ \ env)},p)" + assume "dense_below({q\\. (q \ \ env)},p)" with assms show "(p \ \ env)" using dense_below_imp_forces by simp next assume "p \ \ env" with assms - show "dense_below({q\P. q \ \ env},p)" + show "dense_below({q\\. q \ \ env},p)" using strengthening_lemma refl_leq by auto qed subsection\The Truth Lemma\ lemma Forces_And: assumes - "p\P" "env \ list(M)" "\\formula" "\\formula" + "p\\" "env \ list(M)" "\\formula" "\\formula" "arity(\) \ length(env)" "arity(\) \ length(env)" shows "p \ And(\,\) env \ (p \ \ env) \ (p \ \ env)" proof assume "p \ And(\, \) env" with assms - have "dense_below({r \ P . (r \ \ env) \ (r \ \ env)}, p)" + have "dense_below({r \ \ . (r \ \ env) \ (r \ \ env)}, p)" using Forces_And_iff_dense_below by simp then - have "dense_below({r \ P . (r \ \ env)}, p)" "dense_below({r \ P . (r \ \ env)}, p)" + have "dense_below({r \ \ . (r \ \ env)}, p)" "dense_below({r \ \ . (r \ \ env)}, p)" by blast+ with assms show "(p \ \ env) \ (p \ \ env)" using density_lemma[symmetric] by simp next assume "(p \ \ env) \ (p \ \ env)" - have "dense_below({r \ P . (r \ \ env) \ (r \ \ env)}, p)" + have "dense_below({r \ \ . (r \ \ env) \ (r \ \ env)}, p)" proof (intro dense_belowI bexI conjI, assumption) fix q - assume "q\P" "q\ p" + assume "q\\" "q\ p" with assms \(p \ \ env) \ (p \ \ env)\ - show "q\{r \ P . (r \ \ env) \ (r \ \ env)}" "q\ q" + show "q\{r \ \ . (r \ \ env) \ (r \ \ env)}" "q\ q" using strengthening_lemma refl_leq by auto qed with assms show "p \ And(\,\) env" using Forces_And_iff_dense_below by simp qed lemma Forces_Nand_alt: assumes - "p\P" "env \ list(M)" "\\formula" "\\formula" + "p\\" "env \ list(M)" "\\formula" "\\formula" "arity(\) \ length(env)" "arity(\) \ length(env)" shows "(p \ Nand(\,\) env) \ (p \ Neg(And(\,\)) env)" using assms Forces_Nand Forces_And Forces_Neg by auto end context G_generic1 begin lemma truth_lemma_Neg: assumes "\\formula" "env\list(M)" "arity(\)\length(env)" and IH: "(\p\G. p \ \ env) \ M[G], map(val(G),env) \ \" shows "(\p\G. p \ Neg(\) env) \ M[G], map(val(G),env) \ Neg(\)" proof (intro iffI, elim bexE, rule ccontr) (* Direct implication by contradiction *) fix p assume "p\G" "p \ Neg(\) env" "\(M[G],map(val(G),env) \ Neg(\))" moreover note assms moreover from calculation - have "M[G], map(val(G),env) \ \" "p\P" + have "M[G], map(val(G),env) \ \" "p\\" using map_val_in_MG by auto with IH - obtain r where "r \ \ env" "r\G" "r\P" by blast + obtain r where "r \ \ env" "r\G" "r\\" by blast moreover from this and \p\G\ - obtain q where "q\p" "q\r" "q\G" "q\P" "q\M" + obtain q where "q\p" "q\r" "q\G" "q\\" "q\M" using transitivity[OF _ P_in_M] by blast moreover from calculation have "q \ \ env" using strengthening_lemma by simp - with assms \p \ _ _\ \q\p\ \q\M\ \p\P\ \q\P\ + with assms \p \ _ _\ \q\p\ \q\M\ \p\\\ \q\\\ show "False" using Forces_Neg by auto next assume "M[G], map(val(G),env) \ Neg(\)" with assms have "\ (M[G], map(val(G),env) \ \)" using map_val_in_MG by simp - let ?D="{p\P. (p \ \ env) \ (p \ Neg(\) env)}" + let ?D="{p\\. (p \ \ env) \ (p \ Neg(\) env)}" from assms have "?D \ M" using separation_disj separation_closed separation_forces by simp moreover - have "?D \ P" by auto + have "?D \ \" by auto moreover have "dense(?D)" proof fix q - assume "q\P" + assume "q\\" with assms - show "\d\{p \ P . (p \ \ env) \ (p \ Neg(\) env)}. d\ q" + show "\d\{p \ \ . (p \ \ env) \ (p \ Neg(\) env)}. d\ q" using refl_leq Forces_Neg by (cases "q \ Neg(\) env", auto) qed ultimately obtain p where "p\G" "(p \ \ env) \ (p \ Neg(\) env)" by blast then consider (1) "p \ \ env" | (2) "p \ Neg(\) env" by blast then show "\p\G. (p \ Neg(\) env)" proof (cases) case 1 with \\ (M[G],map(val(G),env) \ \)\ \p\G\ IH show ?thesis by blast next case 2 with \p\G\ show ?thesis by blast qed qed lemma truth_lemma_And: assumes "env\list(M)" "\\formula" "\\formula" "arity(\)\length(env)" "arity(\) \ length(env)" and IH: "(\p\G. p \ \ env) \ M[G], map(val(G),env) \ \" "(\p\G. p \ \ env) \ M[G], map(val(G),env) \ \" shows "(\p\G. (p \ And(\,\) env)) \ M[G] , map(val(G),env) \ And(\,\)" using assms map_val_in_MG Forces_And[OF M_genericD assms(1-5)] proof (intro iffI, elim bexE) fix p assume "p\G" "p \ And(\,\) env" with assms show "M[G], map(val(G),env) \ And(\,\)" using Forces_And[of _ _ \ \] map_val_in_MG M_genericD by auto next assume "M[G], map(val(G),env) \ And(\,\)" moreover note assms moreover from calculation - obtain q r where "q \ \ env" "r \ \ env" "q\G" "r\G" "r\P" "q\P" + obtain q r where "q \ \ env" "r \ \ env" "q\G" "r\G" "r\\" "q\\" using map_val_in_MG Forces_And[OF M_genericD assms(1-5)] M_genericD by auto moreover from calculation obtain p where "p\q" "p\r" "p\G" by auto moreover from calculation have "(p \ \ env) \ (p \ \ env)" (* can't solve as separate goals *) using strengthening_lemma[OF M_genericD] by force ultimately show "\p\G. (p \ And(\,\) env)" using Forces_And[OF M_genericD assms(1-5)] by auto qed end definition ren_truth_lemma :: "i\i" where "ren_truth_lemma(\) \ Exists(Exists(Exists(Exists(Exists( And(Equal(0,5),And(Equal(1,8),And(Equal(2,9),And(Equal(3,10),And(Equal(4,6), iterates(\p. incr_bv(p)`5 , 6, \)))))))))))" lemma ren_truth_lemma_type[TC] : "\\formula \ ren_truth_lemma(\) \formula" unfolding ren_truth_lemma_def by simp lemma arity_ren_truth : assumes "\\formula" shows "arity(ren_truth_lemma(\)) \ 6 \ succ(arity(\))" proof - consider (lt) "5 )" | (ge) "\ 5 < arity(\)" by auto then show ?thesis proof cases case lt consider (a) "5)+\<^sub>\5" | (b) "arity(\)+\<^sub>\5 \ 5" using not_lt_iff_le \\\_\ by force then show ?thesis proof cases case a with \\\_\ lt have "5 < succ(arity(\))" "5)+\<^sub>\2" "5)+\<^sub>\3" "5)+\<^sub>\4" using succ_ltI by auto with \\\_\ have c:"arity(iterates(\p. incr_bv(p)`5,5,\)) = 5+\<^sub>\arity(\)" (is "arity(?\') = _") using arity_incr_bv_lemma lt a by simp with \\\_\ have "arity(incr_bv(?\')`5) = 6+\<^sub>\arity(\)" using arity_incr_bv_lemma[of ?\' 5] a by auto with \\\_\ show ?thesis unfolding ren_truth_lemma_def using pred_Un_distrib union_abs1 Un_assoc[symmetric] a c union_abs2 by (simp add:arity) next case b with \\\_\ lt have "5 < succ(arity(\))" "5)+\<^sub>\2" "5)+\<^sub>\3" "5)+\<^sub>\4" "5)+\<^sub>\5" using succ_ltI by auto with \\\_\ have "arity(iterates(\p. incr_bv(p)`5,6,\)) = 6+\<^sub>\arity(\)" (is "arity(?\') = _") using arity_incr_bv_lemma lt by simp with \\\_\ show ?thesis unfolding ren_truth_lemma_def using pred_Un_distrib union_abs1 Un_assoc[symmetric] union_abs2 by (simp add:arity) qed next case ge with \\\_\ have "arity(\) \ 5" "pred^5(arity(\)) \ 5" using not_lt_iff_le le_trans[OF le_pred] by auto with \\\_\ have "arity(iterates(\p. incr_bv(p)`5,6,\)) = arity(\)" "arity(\)\6" "pred^5(arity(\)) \ 6" using arity_incr_bv_lemma ge le_trans[OF \arity(\)\5\] le_trans[OF \pred^5(arity(\))\5\] by auto with \arity(\) \ 5\ \\\_\ \pred^5(_) \ 5\ show ?thesis unfolding ren_truth_lemma_def using pred_Un_distrib union_abs1 Un_assoc[symmetric] union_abs2 by (simp add:arity) qed qed lemma sats_ren_truth_lemma: "[q,b,d,a1,a2,a3] @ env \ list(M) \ \ \ formula \ (M, [q,b,d,a1,a2,a3] @ env \ ren_truth_lemma(\) ) \ (M, [q,a1,a2,a3,b] @ env \ \)" unfolding ren_truth_lemma_def by (insert sats_incr_bv_iff [of _ _ M _ "[q,a1,a2,a3,b]"], simp) context forcing_data1 begin lemma truth_lemma' : assumes "\\formula" "env\list(M)" "arity(\) \ succ(length(env))" shows - "separation(##M,\d. \b\M. \q\P. q\d \ \(q \ \ ([b]@env)))" + "separation(##M,\d. \b\M. \q\\. q\d \ \(q \ \ ([b]@env)))" proof - let ?rel_pred="\M x a1 a2 a3. \b\M. \q\M. q\a1 \ is_leq(##M,a2,q,x) \ \(M, [q,a1,a2,a3,b] @ env \ forces(\))" let ?\="Exists(Forall(Implies(And(Member(0,3),is_leq_fm(4,0,2)), Neg(ren_truth_lemma(forces(\))))))" - have "q\M" if "q\P" for q using that transitivity[OF _ P_in_M] by simp + have "q\M" if "q\\" for q using that transitivity[OF _ P_in_M] by simp then - have 1:"\q\M. q\P \ R(q) \ Q(q) \ (\q\P. R(q) \ Q(q))" for R Q + have 1:"\q\M. q\\ \ R(q) \ Q(q) \ (\q\\. R(q) \ Q(q))" for R Q by auto then - have "\b \ M; \q\M. q \ P \ q \ d \ \(q \ \ ([b]@env))\ \ - \c\M. \q\P. q \ d \ \(q \ \ ([c]@env))" for b d + have "\b \ M; \q\M. q \ \ \ q \ d \ \(q \ \ ([b]@env))\ \ + \c\M. \q\\. q \ d \ \(q \ \ ([c]@env))" for b d by (rule bexI,simp_all) then - have "?rel_pred(M,d,P,leq,\) \ (\b\M. \q\P. q\d \ \(q \ \ ([b]@env)))" if "d\M" for d + have "?rel_pred(M,d,\,leq,\) \ (\b\M. \q\\. q\d \ \(q \ \ ([b]@env)))" if "d\M" for d using that leq_abs assms by auto moreover have "?\\formula" using assms by simp moreover - have "(M, [d,P,leq,\]@env \ ?\) \ ?rel_pred(M,d,P,leq,\)" if "d\M" for d + have "(M, [d,\,leq,\]@env \ ?\) \ ?rel_pred(M,d,\,leq,\)" if "d\M" for d using assms that sats_is_leq_fm sats_ren_truth_lemma zero_in_M by simp moreover have "arity(?\) \ 4+\<^sub>\length(env)" proof - have eq:"arity(is_leq_fm(4, 0, 2)) = 5" using arity_is_leq_fm succ_Un_distrib ord_simp_union by simp with \\\_\ have "arity(?\) = 3 \ (pred^2(arity(ren_truth_lemma(forces(\)))))" using union_abs1 pred_Un_distrib by (simp add:arity) moreover have "... \ 3 \ (pred(pred(6 \ succ(arity(forces(\))))))" (is "_ \ ?r") using \\\_\ Un_le_compat[OF le_refl[of 3]] le_imp_subset arity_ren_truth[of "forces(\)"] pred_mono by auto finally have "arity(?\) \ ?r" by simp have i:"?r \ 4 \ pred(arity(forces(\)))" using pred_Un_distrib pred_succ_eq \\\_\ Un_assoc[symmetric] union_abs1 by simp have h:"4 \ pred(arity(forces(\))) \ 4 \ (4+\<^sub>\length(env))" using \env\_\ add_commute \\\_\ Un_le_compat[of 4 4,OF _ pred_mono[OF _ arity_forces_le[OF _ _ \arity(\)\_\]] ] \env\_\ by auto with \\\_\ \env\_\ show ?thesis using le_trans[OF \arity(?\) \ ?r\ le_trans[OF i h]] ord_simp_union by simp qed ultimately show ?thesis using assms - separation_ax[of "?\" "[P,leq,\]@env"] - separation_cong[of "##M" "\y. (M, [y,P,leq,\]@env \?\)"] + separation_ax[of "?\" "[\,leq,\]@env"] + separation_cong[of "##M" "\y. (M, [y,\,leq,\]@env \?\)"] by simp qed end context G_generic1 begin lemma truth_lemma: assumes "\\formula" "env\list(M)" "arity(\)\length(env)" shows "(\p\G. p \ \ env) \ M[G], map(val(G),env) \ \" using assms proof (induct arbitrary:env) case (Member x y) then show ?case using truth_lemma_mem[OF \env\list(M)\ \x\nat\ \y\nat\] arities_at_aux by simp next case (Equal x y) then show ?case using truth_lemma_eq[OF \env\list(M)\ \x\nat\ \y\nat\] arities_at_aux by simp next case (Nand \ \) then show ?case using truth_lemma_And truth_lemma_Neg[of "\\ \ \\"] Forces_Nand_alt M_genericD map_val_in_MG arity_Nand_le[of \ \] FOL_arities by auto next case (Forall \) then show ?case proof (intro iffI) assume "\p\G. (p \ Forall(\) env)" then - obtain p where "p\G" "p\M" "p\P" "p \ Forall(\) env" + obtain p where "p\G" "p\M" "p\\" "p \ Forall(\) env" using transitivity[OF _ P_in_M] by auto with \env\list(M)\ \\\formula\ have "p \ \ ([x]@env)" if "x\M" for x using that Forces_Forall by simp with \p\G\ \\\formula\ \env\_\ \arity(Forall(\)) \ length(env)\ Forall(2)[of "Cons(_,env)"] show "M[G], map(val(G),env) \ Forall(\)" using pred_le2 map_val_in_MG by (auto iff:GenExt_iff) next assume "M[G], map(val(G),env) \ Forall(\)" - let ?D1="{d\P. (d \ Forall(\) env)}" - let ?D2="{d\P. \b\M. \q\P. q\d \ \(q \ \ ([b]@env))}" + let ?D1="{d\\. (d \ Forall(\) env)}" + let ?D2="{d\\. \b\M. \q\\. q\d \ \(q \ \ ([b]@env))}" define D where "D \ ?D1 \ ?D2" note \arity(Forall(\)) \ length(env)\ \\\formula\ \env\list(M)\ moreover from this have ar\:"arity(\)\succ(length(env))" using pred_le2 by simp moreover from calculation have "?D1\M" using Collect_forces by simp moreover from \env\list(M)\ \\\formula\ have "?D2\M" using truth_lemma'[of \] separation_closed ar\ by simp ultimately have "D\M" unfolding D_def using Un_closed by simp moreover - have "D \ P" unfolding D_def by auto + have "D \ \" unfolding D_def by auto moreover have "dense(D)" proof fix p - assume "p\P" + assume "p\\" show "\d\D. d\ p" proof (cases "p \ Forall(\) env") case True - with \p\P\ + with \p\\\ show ?thesis unfolding D_def using refl_leq by blast next case False - with Forall \p\P\ + with Forall \p\\\ obtain b where "b\M" "\(p \ \ ([b]@env))" using Forces_Forall by blast - moreover from this \p\P\ Forall - have "\dense_below({q\P. q \ \ ([b]@env)},p)" + moreover from this \p\\\ Forall + have "\dense_below({q\\. q \ \ ([b]@env)},p)" using density_lemma pred_le2 by auto moreover from this - obtain d where "d\p" "\q\P. q\d \ \(q \ \ ([b] @ env))" - "d\P" by blast + obtain d where "d\p" "\q\\. q\d \ \(q \ \ ([b] @ env))" + "d\\" by blast ultimately show ?thesis unfolding D_def by auto qed qed moreover note generic ultimately obtain d where "d \ D" "d \ G" by blast then consider (1) "d\?D1" | (2) "d\?D2" unfolding D_def by blast then show "\p\G. (p \ Forall(\) env)" proof (cases) case 1 with \d\G\ show ?thesis by blast next case 2 then - obtain b where "b\M" "\q\P. q\d \\(q \ \ ([b] @ env))" + obtain b where "b\M" "\q\\. q\d \\(q \ \ ([b] @ env))" by blast moreover from this(1) and \M[G], _ \ Forall(\)\ and Forall(2)[of "Cons(b,env)"] Forall(1,3-) - obtain p where "p\G" "p\P" "p \ \ ([b] @ env)" + obtain p where "p\G" "p\\" "p \ \ ([b] @ env)" using pred_le2 map_val_in_MG M_genericD by (auto iff:GenExt_iff) moreover note \d\G\ ultimately - obtain q where "q\G" "q\P" "q\d" "q\p" + obtain q where "q\G" "q\\" "q\d" "q\p" using M_genericD by force moreover from this and \p \ \ ([b] @ env)\ - Forall \b\M\ \p\P\ + Forall \b\M\ \p\\\ have "q \ \ ([b] @ env)" using pred_le2 strengthening_lemma by simp moreover - note \\q\P. q\d \\(q \ \ ([b] @ env))\ + note \\q\\. q\d \\(q \ \ ([b] @ env))\ ultimately show ?thesis by simp qed qed qed end context forcing_data1 begin subsection\The ``Definition of forcing''\ lemma definition_of_forcing: assumes - "p\P" "\\formula" "env\list(M)" "arity(\)\length(env)" + "p\\" "\\formula" "env\list(M)" "arity(\)\length(env)" shows "(p \ \ env) \ (\G. M_generic(G) \ p\G \ M[G], map(val(G),env) \ \)" proof (intro iffI allI impI, elim conjE) fix G assume "(p \ \ env)" "M_generic(G)" "p \ G" moreover from this - interpret G_generic1 P leq \ M enum G + interpret G_generic1 \ leq \ M enum G by (unfold_locales,simp) from calculation assms show "M[G], map(val(G),env) \ \" using truth_lemma[of \] by auto next assume 1: "\G.(M_generic(G)\ p\G) \ M[G] , map(val(G),env) \ \" { fix r - assume 2: "r\P" "r\p" + assume 2: "r\\" "r\p" then obtain G where "r\G" "M_generic(G)" text\Here we're using countability (via the existence of generic filters) of \<^term>\M\ as a shortcut.\ using generic_filter_existence by auto moreover from this - interpret G_generic1 P leq \ M enum G + interpret G_generic1 \ leq \ M enum G by (unfold_locales,simp) - from calculation 2 \p\P\ + from calculation 2 \p\\\ have "p\G" using filter_leqD by auto moreover note 1 ultimately have "M[G], map(val(G),env) \ \" by simp moreover note assms moreover from calculation obtain s where "s\G" "(s \ \ env)" using truth_lemma[of \] by blast moreover from this \r\G\ - obtain q where "q\G" "q\s" "q\r" "s\P" "q\P" + obtain q where "q\G" "q\s" "q\r" "s\\" "q\\" by blast ultimately - have "\q\P. q\r \ (q \ \ env)" + have "\q\\. q\r \ (q \ \ env)" using strengthening_lemma[of s] by auto } then - have "dense_below({q\P. (q \ \ env)},p)" + have "dense_below({q\\. (q \ \ env)},p)" unfolding dense_below_def by blast with assms show "(p \ \ env)" using density_lemma by blast qed lemmas definability = forces_type end \ \\<^locale>\forcing_data1\\ end \ No newline at end of file diff --git a/thys/Independence_CH/Interface.thy b/thys/Independence_CH/Interface.thy --- a/thys/Independence_CH/Interface.thy +++ b/thys/Independence_CH/Interface.thy @@ -1,1668 +1,1498 @@ section\Interface between set models and Constructibility\ text\This theory provides an interface between Paulson's relativization results and set models of ZFC. In particular, it is used to prove that the locale \<^term>\forcing_data\ is a sublocale of all relevant locales in \<^session>\ZF-Constructible\ (\<^term>\M_trivial\, \<^term>\M_basic\, \<^term>\M_eclose\, etc). In order to interpret the locales in \<^session>\ZF-Constructible\ we introduce new locales, each stronger than the previous one, assuming only the instances of Replacement needed to interpret the subsequent locales of that session. From the start we assume Separation for every internalized formula (with one parameter, but this is not a problem since we can use pairing).\ theory Interface imports Fm_Definitions Transitive_Models.Cardinal_AC_Relative begin locale M_Z_basic = fixes M assumes upair_ax: "upair_ax(##M)" and Union_ax: "Union_ax(##M)" and power_ax: "power_ax(##M)" and extensionality:"extensionality(##M)" and foundation_ax: "foundation_ax(##M)" and infinity_ax: "infinity_ax(##M)" and separation_ax: "\ \ formula \ env \ list(M) \ arity(\) \ 1 +\<^sub>\ length(env) \ separation(##M,\x. (M, [x] @ env \ \))" locale M_transset = fixes M assumes trans_M: "Transset(M)" locale M_Z_trans = M_Z_basic + M_transset locale M_ZF1 = M_Z_basic + assumes replacement_ax1: - "replacement_assm(M,env,list_repl1_intf_fm)" - "replacement_assm(M,env,list_repl2_intf_fm)" - "replacement_assm(M,env,formula_repl1_intf_fm)" - "replacement_assm(M,env,formula_repl2_intf_fm)" "replacement_assm(M,env,eclose_repl1_intf_fm)" "replacement_assm(M,env,eclose_repl2_intf_fm)" "replacement_assm(M,env,wfrec_rank_fm)" "replacement_assm(M,env,trans_repl_HVFrom_fm)" - "replacement_assm(M,env,tl_repl_intf_fm)" definition instances1_fms where "instances1_fms \ - { list_repl1_intf_fm, - list_repl2_intf_fm, - formula_repl1_intf_fm, - formula_repl2_intf_fm, - eclose_repl1_intf_fm, + { eclose_repl1_intf_fm, eclose_repl2_intf_fm, wfrec_rank_fm, - trans_repl_HVFrom_fm, - tl_repl_intf_fm + trans_repl_HVFrom_fm }" -text\This set has 9 internalized formulas.\ +text\This set has 4 internalized formulas.\ lemmas replacement_instances1_defs = list_repl1_intf_fm_def list_repl2_intf_fm_def formula_repl1_intf_fm_def formula_repl2_intf_fm_def eclose_repl1_intf_fm_def eclose_repl2_intf_fm_def wfrec_rank_fm_def trans_repl_HVFrom_fm_def tl_repl_intf_fm_def lemma instances1_fms_type[TC]: "instances1_fms \ formula" using Lambda_in_M_fm_type unfolding replacement_instances1_defs instances1_fms_def by simp declare (in M_ZF1) replacement_instances1_defs[simp] locale M_ZF1_trans = M_ZF1 + M_Z_trans context M_Z_trans begin lemmas transitivity = Transset_intf[OF trans_M] subsection\Interface with \<^term>\M_trivial\\ lemma zero_in_M: "0 \ M" proof - obtain z where "empty(##M,z)" "z\M" using empty_intf[OF infinity_ax] by auto moreover from this have "z=0" using transitivity empty_def by auto ultimately show ?thesis by simp qed lemma separation_in_ctm : assumes "\ \ formula" "env\list(M)" "arity(\) \ 1 +\<^sub>\ length(env)" and satsQ: "\x. x\M \ (M, [x]@env \ \) \ Q(x)" shows "separation(##M,Q)" using assms separation_ax satsQ transitivity separation_cong[of "##M" "\y. (M, [y]@env \ \)" "Q"] by simp end \ \\<^locale>\M_Z_trans\\ locale M_ZC_basic = M_Z_basic + M_AC "##M" locale M_ZFC1 = M_ZF1 + M_ZC_basic locale M_ZFC1_trans = M_ZF1_trans + M_ZFC1 sublocale M_Z_trans \ M_trans "##M" using transitivity zero_in_M exI[of "\x. x\M"] by unfold_locales simp_all sublocale M_Z_trans \ M_trivial "##M" using upair_ax Union_ax by unfold_locales subsection\Interface with \<^term>\M_basic\\ definition Intersection where "Intersection(N,B,x) \ (\y[N]. y\B \ x\y)" synthesize "Intersection" from_definition "Intersection" assuming "nonempty" arity_theorem for "Intersection_fm" definition CartProd where "CartProd(N,B,C,z) \ (\x[N]. x\B \ (\y[N]. y\C \ pair(N,x,y,z)))" synthesize "CartProd" from_definition "CartProd" assuming "nonempty" arity_theorem for "CartProd_fm" definition ImageSep where "ImageSep(N,B,r,y) \ (\p[N]. p\r \ (\x[N]. x\B \ pair(N,x,y,p)))" synthesize "ImageSep" from_definition assuming "nonempty" arity_theorem for "ImageSep_fm" definition Converse where "Converse(N,R,z) \ \p[N]. p\R \ (\x[N].\y[N]. pair(N,x,y,p) \ pair(N,y,x,z))" synthesize "Converse" from_definition "Converse" assuming "nonempty" arity_theorem for "Converse_fm" definition Restrict where "Restrict(N,A,z) \ \x[N]. x\A \ (\y[N]. pair(N,x,y,z))" synthesize "Restrict" from_definition "Restrict" assuming "nonempty" arity_theorem for "Restrict_fm" definition Comp where "Comp(N,R,S,xz) \ \x[N]. \y[N]. \z[N]. \xy[N]. \yz[N]. pair(N,x,z,xz) \ pair(N,x,y,xy) \ pair(N,y,z,yz) \ xy\S \ yz\R" synthesize "Comp" from_definition "Comp" assuming "nonempty" arity_theorem for "Comp_fm" definition Pred where "Pred(N,R,X,y) \ \p[N]. p\R \ pair(N,y,X,p)" synthesize "Pred" from_definition "Pred" assuming "nonempty" arity_theorem for "Pred_fm" definition is_Memrel where "is_Memrel(N,z) \ \x[N]. \y[N]. pair(N,x,y,z) \ x \ y" synthesize "is_Memrel" from_definition "is_Memrel" assuming "nonempty" arity_theorem for "is_Memrel_fm" definition RecFun where "RecFun(N,r,f,g,a,b,x) \ \xa[N]. \xb[N]. pair(N,x,a,xa) \ xa \ r \ pair(N,x,b,xb) \ xb \ r \ (\fx[N]. \gx[N]. fun_apply(N,f,x,fx) \ fun_apply(N,g,x,gx) \ fx \ gx)" synthesize "RecFun" from_definition "RecFun" assuming "nonempty" arity_theorem for "RecFun_fm" arity_theorem for "rtran_closure_mem_fm" synthesize "wellfounded_trancl" from_definition assuming "nonempty" arity_theorem for "wellfounded_trancl_fm" context M_Z_trans begin lemma inter_sep_intf : assumes "A\M" shows "separation(##M,\x . \y\M . y\A \ x\y)" using assms separation_in_ctm[of "Intersection_fm(1,0)" "[A]" "Intersection(##M,A)"] Intersection_iff_sats[of 1 "[_,A]" A 0 _ M] arity_Intersection_fm Intersection_fm_type ord_simp_union zero_in_M unfolding Intersection_def by simp lemma diff_sep_intf : assumes "B\M" shows "separation(##M,\x . x\B)" using assms separation_in_ctm[of "Neg(Member(0,1))" "[B]" "\x . x\B"] ord_simp_union by simp lemma cartprod_sep_intf : assumes "A\M" and "B\M" shows "separation(##M,\z. \x\M. x\A \ (\y\M. y\B \ pair(##M,x,y,z)))" using assms separation_in_ctm[of "CartProd_fm(1,2,0)" "[A,B]" "CartProd(##M,A,B)"] CartProd_iff_sats[of 1 "[_,A,B]" A 2 B 0 _ M] arity_CartProd_fm CartProd_fm_type ord_simp_union zero_in_M unfolding CartProd_def by simp lemma image_sep_intf : assumes "A\M" and "B\M" shows "separation(##M, \y. \p\M. p\B \ (\x\M. x\A \ pair(##M,x,y,p)))" using assms separation_in_ctm[of "ImageSep_fm(1,2,0)" "[A,B]" "ImageSep(##M,A,B)"] ImageSep_iff_sats[of 1 "[_,A,B]" _ 2 _ 0 _ M] arity_ImageSep_fm ImageSep_fm_type ord_simp_union zero_in_M unfolding ImageSep_def by simp lemma converse_sep_intf : assumes "R\M" shows "separation(##M,\z. \p\M. p\R \ (\x\M.\y\M. pair(##M,x,y,p) \ pair(##M,y,x,z)))" using assms separation_in_ctm[of "Converse_fm(1,0)" "[R]" "Converse(##M,R)"] Converse_iff_sats[of 1 "[_,R]" _ 0 _ M] arity_Converse_fm Converse_fm_type ord_simp_union zero_in_M unfolding Converse_def by simp lemma restrict_sep_intf : assumes "A\M" shows "separation(##M,\z. \x\M. x\A \ (\y\M. pair(##M,x,y,z)))" using assms separation_in_ctm[of "Restrict_fm(1,0)" "[A]" "Restrict(##M,A)"] Restrict_iff_sats[of 1 "[_,A]" _ 0 _ M] arity_Restrict_fm Restrict_fm_type ord_simp_union zero_in_M unfolding Restrict_def by simp lemma comp_sep_intf : assumes "R\M" and "S\M" shows "separation(##M,\xz. \x\M. \y\M. \z\M. \xy\M. \yz\M. pair(##M,x,z,xz) \ pair(##M,x,y,xy) \ pair(##M,y,z,yz) \ xy\S \ yz\R)" using assms separation_in_ctm[of "Comp_fm(1,2,0)" "[R,S]" "Comp(##M,R,S)"] Comp_iff_sats[of 1 "[_,R,S]" _ 2 _ 0 _ M] arity_Comp_fm Comp_fm_type ord_simp_union zero_in_M unfolding Comp_def by simp lemma pred_sep_intf: assumes "R\M" and "X\M" shows "separation(##M, \y. \p\M. p\R \ pair(##M,y,X,p))" using assms separation_in_ctm[of "Pred_fm(1,2,0)" "[R,X]" "Pred(##M,R,X)"] Pred_iff_sats[of 1 "[_,R,X]" _ 2 _ 0 _ M] arity_Pred_fm Pred_fm_type ord_simp_union zero_in_M unfolding Pred_def by simp lemma memrel_sep_intf: "separation(##M, \z. \x\M. \y\M. pair(##M,x,y,z) \ x \ y)" using separation_in_ctm[of "is_Memrel_fm(0)" "[]" "is_Memrel(##M)"] is_Memrel_iff_sats[of 0 "[_]" _ M] arity_is_Memrel_fm is_Memrel_fm_type ord_simp_union zero_in_M unfolding is_Memrel_def by simp lemma is_recfun_sep_intf : assumes "r\M" "f\M" "g\M" "a\M" "b\M" shows "separation(##M,\x. \xa\M. \xb\M. pair(##M,x,a,xa) \ xa \ r \ pair(##M,x,b,xb) \ xb \ r \ (\fx\M. \gx\M. fun_apply(##M,f,x,fx) \ fun_apply(##M,g,x,gx) \ fx \ gx))" using assms separation_in_ctm[of "RecFun_fm(1,2,3,4,5,0)" "[r,f,g,a,b]" "RecFun(##M,r,f,g,a,b)"] RecFun_iff_sats[of 1 "[_,r,f,g,a,b]" _ 2 _ 3 _ 4 _ 5 _ 0 _ M] arity_RecFun_fm RecFun_fm_type ord_simp_union zero_in_M unfolding RecFun_def by simp lemmas M_basic_sep_instances = inter_sep_intf diff_sep_intf cartprod_sep_intf image_sep_intf converse_sep_intf restrict_sep_intf pred_sep_intf memrel_sep_intf comp_sep_intf is_recfun_sep_intf end \ \\<^locale>\M_Z_trans\\ sublocale M_Z_trans \ M_basic_no_repl "##M" using power_ax M_basic_sep_instances by unfold_locales simp_all lemma Replace_eq_Collect: assumes "\x y y'. x\A \ P(x,y) \ P(x,y') \ y=y'" "{y . x \ A, P(x, y)} \ B" shows "{y . x \ A, P(x, y)} = {y\B . \x\A. P(x,y)}" using assms by blast context M_Z_trans begin lemma Pow_inter_M_closed: assumes "A \ M" shows "Pow(A) \ M \ M" proof - have "{a \ Pow(A) . a \ M} = Pow(A) \ M" by auto then show ?thesis using power_ax powerset_abs assms unfolding power_ax_def by auto qed lemma Pow'_inter_M_closed: assumes "A \ M" shows "{a \ Pow(A) . a \ M} \ M" using power_ax powerset_abs assms unfolding power_ax_def by auto end \ \\<^locale>\M_Z_trans\\ context M_basic_no_repl begin lemma Replace_funspace_succ_rep_intf_sub: assumes "M(A)" "M(n)" shows "{z . p \ A, funspace_succ_rep_intf_rel(M,p,z,n)} \ Pow\<^bsup>M\<^esup>(Pow\<^bsup>M\<^esup>(\domain(A) \ ({n} \ range(A)) \ (\({n} \ range(A)))))" unfolding funspace_succ_rep_intf_rel_def using assms mem_Pow_rel_abs by clarsimp (auto simp: cartprod_def) lemma funspace_succ_rep_intf_uniq: assumes "funspace_succ_rep_intf_rel(M,p,z,n)" "funspace_succ_rep_intf_rel(M,p,z',n)" shows "z = z'" using assms unfolding funspace_succ_rep_intf_rel_def by auto lemma Replace_funspace_succ_rep_intf_eq: assumes "M(A)" "M(n)" shows "{z . p \ A, funspace_succ_rep_intf_rel(M,p,z,n)} = {z \ Pow\<^bsup>M\<^esup>(Pow\<^bsup>M\<^esup>(\domain(A) \ ({n} \ range(A)) \ (\({n} \ range(A))))) . \p\A. funspace_succ_rep_intf_rel(M,p,z,n)}" using assms Replace_eq_Collect[OF funspace_succ_rep_intf_uniq, of A, OF _ _ Replace_funspace_succ_rep_intf_sub[of A n], of "\x y z. x" "\x y z. n"] by (intro equalityI) (auto dest:transM simp:funspace_succ_rep_intf_rel_def) end \ \\<^locale>\M_basic_no_repl\\ definition fsri where "fsri(N,A,B) \ \z. \p\A. \f[N]. \b[N]. p = \f, b\ \ z = {cons(\B, b\, f)}" relationalize "fsri" "is_fsri" synthesize "is_fsri" from_definition assuming "nonempty" arity_theorem for "is_fsri_fm" context M_Z_trans begin lemma separation_fsri: "(##M)(A) \ (##M)(B) \ separation(##M, is_fsri(##M,A,B))" using separation_in_ctm[where env="[A,B]" and \="is_fsri_fm(1,2,0)"] zero_in_M is_fsri_iff_sats[symmetric] arity_is_fsri_fm is_fsri_fm_type by (simp_all add: ord_simp_union) lemma separation_funspace_succ_rep_intf_rel: "(##M)(A) \ (##M)(B) \ separation(##M, \z. \p\A. funspace_succ_rep_intf_rel(##M,p,z,B))" using separation_fsri zero_in_M by (rule_tac separation_cong[THEN iffD1, of _ "is_fsri(##M,A,B)"]) (auto simp flip:setclass_iff dest:transM simp:is_fsri_def funspace_succ_rep_intf_rel_def, force) lemma Replace_funspace_succ_rep_intf_in_M: assumes "A \ M" "n \ M" shows "{z . p \ A, funspace_succ_rep_intf_rel(##M,p,z,n)} \ M" proof - have "(##M)({z \ Pow\<^bsup>M\<^esup>(Pow\<^bsup>M\<^esup>(\domain(A) \ ({n} \ range(A)) \ (\({n} \ range(A))))) . \p\A. funspace_succ_rep_intf_rel(##M,p,z,n)})" using assms separation_funspace_succ_rep_intf_rel by (intro separation_closed) (auto simp flip:setclass_iff) with assms show ?thesis using Replace_funspace_succ_rep_intf_eq by auto qed lemma funspace_succ_rep_intf: assumes "n\M" shows "strong_replacement(##M, \p z. \f\M. \b\M. \nb\M. \cnbf\M. pair(##M,f,b,p) \ pair(##M,n,b,nb) \ is_cons(##M,nb,f,cnbf) \ upair(##M,cnbf,cnbf,z))" using assms pair_in_M_iff[simplified] cons_closed[simplified] unfolding strong_replacement_def univalent_def apply (clarsimp, rename_tac A) apply (rule_tac x="{z . p \ A, funspace_succ_rep_intf_rel(##M,p,z,n)}" in bexI) apply (auto simp:funspace_succ_rep_intf_rel_def Replace_funspace_succ_rep_intf_in_M[unfolded funspace_succ_rep_intf_rel_def, simplified]) done end \ \\<^locale>\M_Z_trans\\ sublocale M_Z_trans \ M_basic "##M" using power_ax M_basic_sep_instances funspace_succ_rep_intf by unfold_locales auto subsection\Interface with \<^term>\M_trancl\\ context M_ZF1_trans begin lemma rtrancl_separation_intf: assumes "r\M" "A\M" shows "separation (##M, rtran_closure_mem(##M,A,r))" using assms separation_in_ctm[of "rtran_closure_mem_fm(1,2,0)" "[A,r]" "rtran_closure_mem(##M,A,r)"] arity_rtran_closure_mem_fm ord_simp_union zero_in_M by simp lemma wftrancl_separation_intf: assumes "r\M" and "Z\M" shows "separation (##M, wellfounded_trancl(##M,Z,r))" using assms separation_in_ctm[of "wellfounded_trancl_fm(1,2,0)" "[Z,r]" "wellfounded_trancl(##M,Z,r)"] arity_wellfounded_trancl_fm ord_simp_union zero_in_M by simp text\To prove \<^term>\nat \ M\ we get an infinite set \<^term>\I\ from \<^term>\infinity_ax\ closed under \<^term>\0\ and \<^term>\succ\; that shows \<^term>\nat\I\. Then we can separate \<^term>\I\ with the predicate \<^term>\\x. x\nat\.\ lemma finite_sep_intf: "separation(##M, \x. x\nat)" proof - have "(\v\M. separation(##M,\x. (M, [x,v] \ finite_ordinal_fm(0))))" using separation_ax arity_finite_ordinal_fm by simp then have "(\v\M. separation(##M,finite_ordinal(##M)))" unfolding separation_def by simp then have "separation(##M,finite_ordinal(##M))" using separation_in_ctm zero_in_M by auto then show ?thesis unfolding separation_def by simp qed lemma nat_subset_I: "\I\M. nat \ I" proof - have "nat \ I" if "I\M" and "0\I" and "\x. x\I \ succ(x)\I" for I using that by (rule_tac subsetI,induct_tac x,simp_all) moreover obtain I where "I\M" "0\I" "\x. x\I \ succ(x)\I" using infinity_ax transitivity unfolding infinity_ax_def by auto ultimately show ?thesis by auto qed lemma nat_in_M: "nat \ M" proof - have "{x\B . x\A}=A" if "A\B" for A B using that by auto moreover obtain I where "I\M" "nat\I" using nat_subset_I by auto moreover from this have "{x\I . x\nat} \ M" using finite_sep_intf separation_closed[of "\x . x\nat"] by simp ultimately show ?thesis by simp qed end \ \\<^locale>\M_ZF1_trans\\ sublocale M_ZF1_trans \ M_trancl "##M" using rtrancl_separation_intf wftrancl_separation_intf nat_in_M wellfounded_trancl_def by unfold_locales auto subsection\Interface with \<^term>\M_eclose\\ lemma repl_sats: assumes sat:"\x z. x\M \ z\M \ (M, Cons(x,Cons(z,env)) \ \) \ P(x,z)" shows "strong_replacement(##M,\x z. (M, Cons(x,Cons(z,env)) \ \)) \ strong_replacement(##M,P)" by (rule strong_replacement_cong,simp add:sat) arity_theorem for "list_functor_fm" arity_theorem for "formula_functor_fm" arity_theorem for "Inl_fm" arity_theorem for "Inr_fm" arity_theorem for "Nil_fm" arity_theorem for "Cons_fm" arity_theorem for "quasilist_fm" arity_theorem for "tl_fm" arity_theorem for "big_union_fm" context M_ZF1_trans begin -lemma list_repl1_intf: - assumes "A\M" - shows "iterates_replacement(##M, is_list_functor(##M,A), 0)" -proof - - let ?f="Exists(And(pair_fm(1,0,2), - is_wfrec_fm(iterates_MH_fm(list_functor_fm(13,1,0),10,2,1,0),3,1,0)))" - have "arity(?f) = 5" - using arity_iterates_MH_fm[where isF="list_functor_fm(13,1,0)" and i=14] - arity_wfrec_replacement_fm[where i=11] arity_list_functor_fm ord_simp_union - by simp - { - fix n - assume "n\nat" - then - have "Memrel(succ(n))\M" - using nat_into_M Memrel_closed - by simp - moreover - note assms zero_in_M - moreover from calculation - have "is_list_functor(##M, A, a, b) - \ (M, [b,a,c,d,a0,a1,a2,a3,a4,y,x,z,Memrel(succ(n)),A,0] \ list_functor_fm(13,1,0))" - if "a\M" "b\M" "c\M" "d\M" "a0\M" "a1\M" "a2\M" "a3\M" "a4\M" "y\M" "x\M" "z\M" - for a b c d a0 a1 a2 a3 a4 y x z - using that - by simp - moreover from calculation - have "(M, [a0,a1,a2,a3,a4,y,x,z,Memrel(succ(n)),A,0] \ - iterates_MH_fm(list_functor_fm(13,1,0),10,2,1,0)) \ - iterates_MH(##M,is_list_functor(##M,A),0,a2, a1, a0)" - if "a0\M" "a1\M" "a2\M" "a3\M" "a4\M" "y\M" "x\M" "z\M" - for a0 a1 a2 a3 a4 y x z - using that sats_iterates_MH_fm[of M "is_list_functor(##M,A)" _] - by simp - moreover from calculation - have "(M, [y,x,z,Memrel(succ(n)),A,0] \ - is_wfrec_fm(iterates_MH_fm(list_functor_fm(13,1,0),10,2,1,0),3,1,0)) \ - is_wfrec(##M, iterates_MH(##M,is_list_functor(##M,A),0) , Memrel(succ(n)), x, y)" - if "y\M" "x\M" "z\M" for y x z - using that sats_is_wfrec_fm - by simp - moreover from calculation - have "(M, [x,z,Memrel(succ(n)),A,0] \ ?f) \ - - (\y\M. pair(##M,x,y,z) \ - is_wfrec(##M, iterates_MH(##M,is_list_functor(##M,A),0) , Memrel(succ(n)), x, y))" - if "x\M" "z\M" for x z - using that - by (simp del:pair_abs) - moreover - note \arity(?f) = 5\ - moreover from calculation - have "strong_replacement(##M,\x z. (M, [x,z,Memrel(succ(n)),A,0] \ ?f))" - using replacement_ax1(1)[unfolded replacement_assm_def] - by simp - moreover from calculation - have "strong_replacement(##M,\x z. - \y\M. pair(##M,x,y,z) \ is_wfrec(##M, iterates_MH(##M,is_list_functor(##M,A),0) , - Memrel(succ(n)), x, y))" - using repl_sats[of M ?f "[Memrel(succ(n)),A,0]"] - by (simp del:pair_abs) - } - then - show ?thesis - unfolding iterates_replacement_def wfrec_replacement_def - by simp -qed - text\This lemma obtains \<^term>\iterates_replacement\ for predicates without parameters.\ lemma iterates_repl_intf : assumes "v\M" and isfm:"is_F_fm \ formula" and arty:"arity(is_F_fm)=2" and satsf: "\a b env'. \ a\M ; b\M ; env'\list(M) \ \ is_F(a,b) \ (M, [b,a]@env' \ is_F_fm)" and is_F_fm_replacement: "\env. (\\\\\1,0\ is 2\ \ is_wfrec_fm(iterates_MH_fm(is_F_fm,9,2,1,0),3,1,0) \\) \ formula \ env \ list(M) \ arity((\\\\\1,0\ is 2\ \ is_wfrec_fm(iterates_MH_fm(is_F_fm,9,2,1,0),3,1,0) \\)) \ 2 +\<^sub>\ length(env) \ strong_replacement(##M,\x y. M, [x,y] @ env \ (\\\\\1,0\ is 2\ \ is_wfrec_fm(iterates_MH_fm(is_F_fm,9,2,1,0),3,1,0) \\))" shows "iterates_replacement(##M,is_F,v)" proof - let ?f="(\\\\\1,0\ is 2\ \ is_wfrec_fm(iterates_MH_fm(is_F_fm,9,2,1,0),3,1,0) \\)" have "arity(?f) = 4" "?f\formula" using arity_iterates_MH_fm[where isF=is_F_fm and i=2] arity_wfrec_replacement_fm[where i=10] isfm arty ord_simp_union by simp_all { fix n assume "n\nat" then have "Memrel(succ(n))\M" using nat_into_M Memrel_closed by simp moreover { fix a0 a1 a2 a3 a4 y x z assume "[a0,a1,a2,a3,a4,y,x,z]\list(M)" moreover note \v\M\ \Memrel(succ(n))\M\ moreover from calculation have "(M, [b,a,c,d,a0,a1,a2,a3,a4,y,x,z,Memrel(succ(n)),v] \ is_F_fm) \ is_F(a,b)" if "a\M" "b\M" "c\M" "d\M" for a b c d using that satsf[of a b "[c,d,a0,a1,a2,a3,a4,y,x,z,Memrel(succ(n)),v]"] by simp moreover from calculation have "(M, [a0,a1,a2,a3,a4,y,x,z,Memrel(succ(n)),v] \ iterates_MH_fm(is_F_fm,9,2,1,0)) \ iterates_MH(##M,is_F,v,a2, a1, a0)" using sats_iterates_MH_fm[of M "is_F" "is_F_fm"] by simp } moreover from calculation have "(M, [y,x,z,Memrel(succ(n)),v] \ is_wfrec_fm(iterates_MH_fm(is_F_fm,9,2,1,0),3,1,0)) \ is_wfrec(##M, iterates_MH(##M,is_F,v),Memrel(succ(n)), x, y)" if "y\M" "x\M" "z\M" for y x z using that sats_is_wfrec_fm \v\M\ by simp moreover from calculation have "(M, [x,z,Memrel(succ(n)),v] \ ?f) \ (\y\M. pair(##M,x,y,z) \ is_wfrec(##M, iterates_MH(##M,is_F,v) , Memrel(succ(n)), x, y))" if "x\M" "z\M" for x z using that \v\M\ by (simp del:pair_abs) moreover note \arity(?f) = 4\ \?f\formula\ moreover from calculation \v\_\ have "strong_replacement(##M,\x z. (M, [x,z,Memrel(succ(n)),v] \ ?f))" using is_F_fm_replacement by simp ultimately have "strong_replacement(##M,\x z. \y\M. pair(##M,x,y,z) \ is_wfrec(##M, iterates_MH(##M,is_F,v) , Memrel(succ(n)), x, y))" using repl_sats[of M ?f "[Memrel(succ(n)),v]"] by (simp del:pair_abs) } then show ?thesis unfolding iterates_replacement_def wfrec_replacement_def by simp qed -lemma formula_repl1_intf : "iterates_replacement(##M, is_formula_functor(##M), 0)" - using arity_formula_functor_fm zero_in_M ord_simp_union - iterates_repl_intf[where is_F_fm="formula_functor_fm(1,0)"] - replacement_ax1(3)[unfolded replacement_assm_def] - by simp - -lemma tl_repl_intf: - assumes "l \ M" - shows "iterates_replacement(##M,\l' t. is_tl(##M,l',t),l)" - using assms arity_tl_fm ord_simp_union - iterates_repl_intf[where is_F_fm="tl_fm(1,0)"] - replacement_ax1(9)[unfolded replacement_assm_def] - by simp - lemma eclose_repl1_intf: assumes "A\M" shows "iterates_replacement(##M, big_union(##M), A)" using assms arity_big_union_fm iterates_repl_intf[where is_F_fm="big_union_fm(1,0)"] - replacement_ax1(5)[unfolded replacement_assm_def] + replacement_ax1(1)[unfolded replacement_assm_def] ord_simp_union by simp -lemma list_repl2_intf: - assumes "A\M" - shows "strong_replacement(##M,\n y. n\nat \ - is_iterates(##M, is_list_functor(##M,A), 0, n, y))" -proof - - let ?f = "And(Member(0,4),is_iterates_fm(list_functor_fm(13,1,0),3,0,1))" - note zero_in_M nat_in_M \A\M\ - moreover from this - have "is_list_functor(##M,A,a,b) \ - (M, [b,a,c,d,e,f,g,h,i,j,k,n,y,A,0,nat] \ list_functor_fm(13,1,0))" - if "a\M" "b\M" "c\M" "d\M" "e\M" "f\M""g\M""h\M""i\M""j\M" "k\M" "n\M" "y\M" - for a b c d e f g h i j k n y - using that - by simp - moreover from calculation - have "(M, [n,y,A,0,nat] \ is_iterates_fm(list_functor_fm(13,1,0),3,0,1)) \ - is_iterates(##M, is_list_functor(##M,A), 0, n , y)" - if "n\M" "y\M" for n y - using that sats_is_iterates_fm[of M "is_list_functor(##M,A)"] - by simp - moreover from calculation - have "(M, [n,y,A,0,nat] \ ?f) \ - n\nat \ is_iterates(##M, is_list_functor(##M,A), 0, n, y)" - if "n\M" "y\M" for n y - using that - by simp - moreover - have "arity(?f) = 5" - using arity_is_iterates_fm[where p="list_functor_fm(13,1,0)" and i=14] - arity_list_functor_fm arity_And ord_simp_union - by simp - ultimately - show ?thesis - using replacement_ax1(2)[unfolded replacement_assm_def] repl_sats[of M ?f "[A,0,nat]"] - by simp -qed - -lemma formula_repl2_intf: - "strong_replacement(##M,\n y. n\nat \ is_iterates(##M, is_formula_functor(##M), 0, n, y))" -proof - - let ?f = "And(Member(0,3),is_iterates_fm(formula_functor_fm(1,0),2,0,1))" - note zero_in_M nat_in_M - moreover from this - have "is_formula_functor(##M,a,b) \ - (M, [b,a,c,d,e,f,g,h,i,j,k,n,y,0,nat] \ formula_functor_fm(1,0))" - if "a\M" "b\M" "c\M" "d\M" "e\M" "f\M""g\M""h\M""i\M""j\M" "k\M" "n\M" "y\M" - for a b c d e f g h i j k n y - using that - by simp - moreover from calculation - have "(M, [n,y,0,nat] \ is_iterates_fm(formula_functor_fm(1,0),2,0,1)) \ - is_iterates(##M, is_formula_functor(##M), 0, n , y)" - if "n\M" "y\M" for n y - using that sats_is_iterates_fm[of M "is_formula_functor(##M)"] - by simp - moreover from calculation - have "(M, [n,y,0,nat] \ ?f) \ - n\nat \ is_iterates(##M, is_formula_functor(##M), 0, n, y)" - if "n\M" "y\M" for n y - using that - by simp - moreover - have "arity(?f) = 4" - using arity_is_iterates_fm[where p="formula_functor_fm(1,0)" and i=2] - arity_formula_functor_fm arity_And ord_simp_union - by simp - ultimately - show ?thesis - using replacement_ax1(4)[unfolded replacement_assm_def] repl_sats[of M ?f "[0,nat]"] - by simp -qed - - lemma eclose_repl2_intf: assumes "A\M" shows "strong_replacement(##M,\n y. n\nat \ is_iterates(##M, big_union(##M), A, n, y))" proof - let ?f = "And(Member(0,3),is_iterates_fm(big_union_fm(1,0),2,0,1))" note nat_in_M \A\M\ moreover from this have "big_union(##M,a,b) \ (M, [b,a,c,d,e,f,g,h,i,j,k,n,y,A,nat] \ big_union_fm(1,0))" if "a\M" "b\M" "c\M" "d\M" "e\M" "f\M""g\M""h\M""i\M""j\M" "k\M" "n\M" "y\M" for a b c d e f g h i j k n y using that by simp moreover from calculation have "(M, [n,y,A,nat] \ is_iterates_fm(big_union_fm(1,0),2,0,1)) \ is_iterates(##M, big_union(##M), A, n , y)" if "n\M" "y\M" for n y using that sats_is_iterates_fm[of M "big_union(##M)"] by simp moreover from calculation have "(M, [n,y,A,nat] \ ?f) \ n\nat \ is_iterates(##M, big_union(##M), A, n, y)" if "n\M" "y\M" for n y using that by simp moreover have "arity(?f) = 4" using arity_is_iterates_fm[where p="big_union_fm(1,0)" and i=2] arity_big_union_fm arity_And ord_simp_union by simp ultimately show ?thesis - using repl_sats[of M ?f "[A,nat]"] replacement_ax1(6)[unfolded replacement_assm_def] + using repl_sats[of M ?f "[A,nat]"] replacement_ax1(2)[unfolded replacement_assm_def] by simp qed end \ \\<^locale>\M_ZF1_trans\\ -sublocale M_ZF1_trans \ M_datatypes "##M" - using list_repl1_intf list_repl2_intf formula_repl1_intf - formula_repl2_intf tl_repl_intf - by unfold_locales auto - sublocale M_ZF1_trans \ M_eclose "##M" using eclose_repl1_intf eclose_repl2_intf by unfold_locales auto text\Interface with \<^locale>\M_eclose\.\ schematic_goal sats_is_Vset_fm_auto: assumes "i\nat" "v\nat" "env\list(A)" "0\A" "i < length(env)" "v < length(env)" shows "is_Vset(##A,nth(i, env),nth(v, env)) \ (A, env \ ?ivs_fm(i,v))" unfolding is_Vset_def is_Vfrom_def by (insert assms; (rule sep_rules is_HVfrom_iff_sats is_transrec_iff_sats | simp)+) synthesize "is_Vset" from_schematic "sats_is_Vset_fm_auto" arity_theorem for "is_Vset_fm" declare is_Hrank_fm_def[fm_definitions add] context M_ZF1_trans begin lemma wfrec_rank : assumes "X\M" shows "wfrec_replacement(##M,is_Hrank(##M),rrank(X))" proof - let ?f="Exists(And(pair_fm(1,0,2),is_wfrec_fm(is_Hrank_fm(2,1,0),3,1,0)))" note assms zero_in_M moreover from this have "is_Hrank(##M,a2, a1, a0) \ (M, [a0,a1,a2,a3,a4,y,x,z,rrank(X)] \ is_Hrank_fm(2,1,0))" if "a4\M" "a3\M" "a2\M" "a1\M" "a0\M" "y\M" "x\M" "z\M" for a4 a3 a2 a1 a0 y x z using that rrank_in_M is_Hrank_iff_sats by simp moreover from calculation have "(M, [y,x,z,rrank(X)] \ is_wfrec_fm(is_Hrank_fm(2,1,0),3,1,0)) \ is_wfrec(##M, is_Hrank(##M) ,rrank(X), x, y)" if "y\M" "x\M" "z\M" for y x z using that rrank_in_M sats_is_wfrec_fm by simp moreover from calculation have "(M, [x,z,rrank(X)] \ ?f) \ (\y\M. pair(##M,x,y,z) \ is_wfrec(##M, is_Hrank(##M) , rrank(X), x, y))" if "x\M" "z\M" for x z using that rrank_in_M by (simp del:pair_abs) moreover have "arity(?f) = 3" using arity_wfrec_replacement_fm[where p="is_Hrank_fm(2,1,0)" and i=3,simplified] arity_is_Hrank_fm[of 2 1 0,simplified] ord_simp_union by simp moreover from calculation have "strong_replacement(##M,\x z. (M, [x,z,rrank(X)] \ ?f))" - using replacement_ax1(7)[unfolded replacement_assm_def] rrank_in_M + using replacement_ax1(3)[unfolded replacement_assm_def] rrank_in_M by simp ultimately show ?thesis using repl_sats[of M ?f "[rrank(X)]"] unfolding wfrec_replacement_def by (simp del:pair_abs) qed lemma trans_repl_HVFrom : assumes "A\M" "i\M" shows "transrec_replacement(##M,is_HVfrom(##M,A),i)" proof - let ?f="Exists(And(pair_fm(1,0,2),is_wfrec_fm(is_HVfrom_fm(8,2,1,0),4,1,0)))" note facts = assms zero_in_M moreover have "\sa\M. \esa\M. \mesa\M. upair(##M,a,a,sa) \ is_eclose(##M,sa,esa) \ membership(##M,esa,mesa)" if "a\M" for a using that upair_ax eclose_closed Memrel_closed unfolding upair_ax_def by (simp del:upair_abs) moreover { fix mesa assume "mesa\M" moreover note facts moreover from calculation have "is_HVfrom(##M,A,a2, a1, a0) \ (M, [a0,a1,a2,a3,a4,y,x,z,A,mesa] \ is_HVfrom_fm(8,2,1,0))" if "a4\M" "a3\M" "a2\M" "a1\M" "a0\M" "y\M" "x\M" "z\M" for a4 a3 a2 a1 a0 y x z using that sats_is_HVfrom_fm by simp moreover from calculation have "(M, [y,x,z,A,mesa] \ is_wfrec_fm(is_HVfrom_fm(8,2,1,0),4,1,0)) \ is_wfrec(##M, is_HVfrom(##M,A),mesa, x, y)" if "y\M" "x\M" "z\M" for y x z using that sats_is_wfrec_fm by simp moreover from calculation have "(M, [x,z,A,mesa] \ ?f) \ (\y\M. pair(##M,x,y,z) \ is_wfrec(##M, is_HVfrom(##M,A) , mesa, x, y))" if "x\M" "z\M" for x z using that by (simp del:pair_abs) moreover have "arity(?f) = 4" using arity_wfrec_replacement_fm[where p="is_HVfrom_fm(8,2,1,0)" and i=9] arity_is_HVfrom_fm ord_simp_union by simp moreover from calculation have "strong_replacement(##M,\x z. (M, [x,z,A,mesa] \ ?f))" - using replacement_ax1(8)[unfolded replacement_assm_def] + using replacement_ax1(4)[unfolded replacement_assm_def] by simp ultimately have "wfrec_replacement(##M,is_HVfrom(##M,A),mesa)" using repl_sats[of M ?f "[A,mesa]"] unfolding wfrec_replacement_def by (simp del:pair_abs) } ultimately show ?thesis unfolding transrec_replacement_def by simp qed end \ \\<^locale>\M_ZF1_trans\\ subsection\Interface for proving Collects and Replace in M.\ context M_ZF1_trans begin lemma Collect_in_M : assumes "\ \ formula" "env\list(M)" "arity(\) \ 1 +\<^sub>\ length(env)" "A\M" and satsQ: "\x. x\M \ (M, [x]@env \ \) \ Q(x)" shows "{y\A . Q(y)}\M" proof - have "separation(##M,\x. (M, [x] @ env \ \))" using assms separation_ax by simp then show ?thesis using \A\M\ satsQ transitivity separation_closed separation_cong[of "##M" "\y. (M, [y]@env \ \)" "Q"] by simp qed \ \This version has a weaker assumption.\ lemma separation_in_M : assumes "\ \ formula" "env\list(M)" "arity(\) \ 1 +\<^sub>\ length(env)" "A\M" and satsQ: "\x. x\A \ (M, [x]@env \ \) \ Q(x)" shows "{y\A . Q(y)} \ M" proof - let ?\' = "And(\,Member(0,length(env)+\<^sub>\1))" note assms moreover have "arity(?\') \ 1 +\<^sub>\ length(env@[A])" using assms Un_le le_trans[of "arity(\)" "1+\<^sub>\length(env)" "2+\<^sub>\length(env)"] by (force simp:FOL_arities) moreover from calculation have "?\'\formula" "nth(length(env), env @ [A]) = A" using nth_append by auto moreover from calculation have "\ x . x \ M \ (M, [x]@env@[A] \ ?\') \ Q(x) \ x\A" using arity_sats_iff[of _ "[A]" _ "[_]@env"] by auto ultimately show ?thesis using Collect_in_M[of ?\' "env@[A]" _ "\x . Q(x) \ x\A", OF _ _ _ \A\M\] by auto qed end \ \\<^locale>\M_ZF1_trans\\ context M_Z_trans begin lemma strong_replacement_in_ctm: assumes f_fm: "\ \ formula" and f_ar: "arity(\)\ 2 +\<^sub>\ length(env)" and fsats: "\x y. x\M \ y\M \ (M,[x,y]@env \ \) \ y = f(x)" and fclosed: "\x. x\M \ f(x) \ M" and phi_replacement:"replacement_assm(M,env,\)" and "env\list(M)" shows "strong_replacement(##M, \x y . y = f(x))" using assms strong_replacement_cong[of "##M" "\x y. M,[x,y]@env\\" "\x y. y = f(x)"] unfolding replacement_assm_def by auto lemma strong_replacement_rel_in_ctm : assumes f_fm: "\ \ formula" and f_ar: "arity(\)\ 2 +\<^sub>\ length(env)" and fsats: "\x y. x\M \ y\M \ (M,[x,y]@env \ \) \ f(x,y)" and phi_replacement:"replacement_assm(M,env,\)" and "env\list(M)" shows "strong_replacement(##M, f)" using assms strong_replacement_cong[of "##M" "\x y. M,[x,y]@env\\" "f"] unfolding replacement_assm_def by auto lemma Replace_in_M : assumes f_fm: "\ \ formula" and f_ar: "arity(\)\ 2 +\<^sub>\ length(env)" and fsats: "\x y. x\A \ y\M \ (M,[x,y]@env \ \) \ y = f(x)" and fclosed: "\x. x\A \ f(x) \ M" and "A\M" "env\list(M)" and phi'_replacement:"replacement_assm(M,env@[A], \\ \ \0 \ length(env) +\<^sub>\ 2\\ )" shows "{f(x) . x\A}\M" proof - let ?\' = "And(\,Member(0,length(env)+\<^sub>\2))" note assms moreover from this have "arity(?\') \ 2 +\<^sub>\ length(env@[A])" using Un_le le_trans[of "arity(\)" "2+\<^sub>\(length(env))" "3+\<^sub>\length(env)"] by (force simp:FOL_arities) moreover from calculation have "?\'\formula" "nth(length(env), env @ [A]) = A" using nth_append by auto moreover from calculation have "\ x y. x \ M \ y\M \ (M,[x,y]@env@[A]\?\') \ y=f(x) \x\A" using arity_sats_iff[of _ "[A]" _ "[_,_]@env"] by auto moreover from calculation have "strong_replacement(##M, \x y. M,[x,y]@env@[A] \ ?\')" using phi'_replacement assms(1-6) unfolding replacement_assm_def by simp ultimately have 4:"strong_replacement(##M, \x y. y = f(x) \ x\A)" using strong_replacement_cong[of "##M" "\x y. M,[x,y]@env@[A]\?\'" "\x y. y = f(x) \ x\A"] by simp then have "{y . x\A , y = f(x)} \ M" using \A\M\ strong_replacement_closed[OF 4,of A] fclosed by simp moreover have "{f(x). x\A} = { y . x\A , y = f(x)}" by auto ultimately show ?thesis by simp qed lemma Replace_relativized_in_M : assumes f_fm: "\ \ formula" and f_ar: "arity(\)\ 2 +\<^sub>\ length(env)" and fsats: "\x y. x\A \ y\M \ (M,[x,y]@env \ \) \ is_f(x,y)" and fabs: "\x y. x\A \ y\M \ is_f(x,y) \ y = f(x)" and fclosed: "\x. x\A \ f(x) \ M" and "A\M" "env\list(M)" and phi'_replacement:"replacement_assm(M,env@[A], \\ \ \0 \ length(env) +\<^sub>\ 2\\ )" shows "{f(x) . x\A}\M" using assms Replace_in_M[of \] by auto lemma ren_action : assumes "env\list(M)" "x\M" "y\M" "z\M" shows "\ i . i < 2+\<^sub>\length(env) \ nth(i,[x,z]@env) = nth(\_repl(length(env))`i,[z,x,y]@env)" proof - let ?f="{\0, 1\, \1, 0\}" have 1:"(\j. j < length(env) \ nth(j, env) = nth(id(length(env)) ` j, env))" using assms ltD by simp have 2:"nth(j, [x,z]) = nth(?f ` j, [z,x,y])" if "j<2" for j proof - consider "j=0" | "j=1" using ltD[OF \j<2\] by auto then show ?thesis proof(cases) case 1 then show ?thesis using apply_equality f_type by simp next case 2 then show ?thesis using apply_equality f_type by simp qed qed show ?thesis using sum_action[OF _ _ _ _ f_type id_type _ _ _ _ _ _ _ 2 1,simplified] assms unfolding \_repl_def by simp qed lemma Lambda_in_M : assumes f_fm: "\ \ formula" and f_ar: "arity(\)\ 2 +\<^sub>\ length(env)" and fsats: "\x y. x\A \ y\M \ (M,[x,y]@env \ \) \ is_f(x,y)" and fabs: "\x y. x\A \ y\M \ is_f(x,y) \ y = f(x)" and fclosed: "\x. x\A \ f(x) \ M" and "A\M" "env\list(M)" and phi'_replacement2: "replacement_assm(M,env@[A],Lambda_in_M_fm(\,length(env)))" shows "(\x\A . f(x)) \M" unfolding lam_def proof - let ?ren="\_repl(length(env))" let ?j="2+\<^sub>\length(env)" let ?k="3+\<^sub>\length(env)" let ?\="ren(\)`?j`?k`?ren" let ?\'="Exists(And(pair_fm(1,0,2),?\))" let ?p="\x y. \z\M. pair(##M,x,z,y) \ is_f(x,z)" have "?\'\formula" "?\\formula" using \env\_\ length_type f_fm ren_type ren_tc[of \ "2+\<^sub>\length(env)" "3+\<^sub>\length(env)" ?ren] by simp_all moreover from this have "arity(?\)\3+\<^sub>\(length(env))" "arity(?\)\nat" using assms arity_ren[OF f_fm _ _ ren_type,of "length(env)"] by simp_all then have "arity(?\') \ 2+\<^sub>\(length(env))" using Un_le pred_Un_distrib assms pred_le by (simp add:arity) moreover from this calculation have "x\A \ y\M \ (M,[x,y]@env \ ?\') \ ?p(x,y)" for x y using \env\_\ length_type[OF \env\_\] assms transitivity[OF _ \A\M\] sats_iff_sats_ren[OF f_fm _ _ _ _ ren_type f_ar ren_action[rule_format,of _ x y],of _ M ] by auto moreover have "x\A \ y\M \ ?p(x,y) \ y = " for x y using assms transitivity[OF _ \A\_\] fclosed by simp moreover have "\ x . x\A \ \ M" using transitivity[OF _ \A\M\] pair_in_M_iff fclosed by simp ultimately show "{\x,f(x)\ . x\A } \ M" using Replace_in_M[of ?\' env A] phi'_replacement2 \A\M\ \env\_\ by simp qed lemma ren_action' : assumes "env\list(M)" "x\M" "y\M" "z\M" "u\M" shows "\ i . i < 3+\<^sub>\length(env) \ nth(i,[x,z,u]@env) = nth(\_pair_repl(length(env))`i,[x,z,y,u]@env)" proof - let ?f="{\0, 0\, \1, 1\, \2,3\}" have 1:"(\j. j < length(env) \ nth(j, env) = nth(id(length(env)) ` j, env))" using assms ltD by simp have 2:"nth(j, [x,z,u]) = nth(?f ` j, [x,z,y,u])" if "j<3" for j proof - consider "j=0" | "j=1" | "j=2" using ltD[OF \j<3\] by auto then show ?thesis proof(cases) case 1 then show ?thesis using apply_equality f_type' by simp next case 2 then show ?thesis using apply_equality f_type' by simp next case 3 then show ?thesis using apply_equality f_type' by simp qed qed show ?thesis using sum_action[OF _ _ _ _ f_type' id_type _ _ _ _ _ _ _ 2 1,simplified] assms unfolding \_pair_repl_def by simp qed lemma LambdaPair_in_M : assumes f_fm: "\ \ formula" and f_ar: "arity(\)\ 3 +\<^sub>\ length(env)" and fsats: "\x z r. x\M \ z\M \ r\M \ (M,[x,z,r]@env \ \) \ is_f(x,z,r)" and fabs: "\x z r. x\M \ z\M \ r\M \ is_f(x,z,r) \ r = f(x,z)" and fclosed: "\x z. x\M \ z\M \ f(x,z) \ M" and "A\M" "env\list(M)" and phi'_replacement3: "replacement_assm(M,env@[A],LambdaPair_in_M_fm(\,length(env)))" shows "(\x\A . f(fst(x),snd(x))) \M" proof - let ?ren="\_pair_repl(length(env))" let ?j="3+\<^sub>\length(env)" let ?k="4+\<^sub>\length(env)" let ?\="ren(\)`?j`?k`?ren" let ?\'="Exists(Exists(And(fst_fm(2,0),(And(snd_fm(2,1),?\)))))" let ?p="\x y. is_f(fst(x),snd(x),y)" have "?\'\formula" "?\\formula" using \env\_\ length_type f_fm ren_type' ren_tc[of \ ?j ?k ?ren] by simp_all moreover from this have "arity(?\)\4+\<^sub>\(length(env))" "arity(?\)\nat" using assms arity_ren[OF f_fm _ _ ren_type',of "length(env)"] by simp_all moreover from calculation have 1:"arity(?\') \ 2+\<^sub>\(length(env))" "?\'\formula" using Un_le pred_Un_distrib assms pred_le by (simp_all add:arity) moreover from this calculation have 2:"x\A \ y\M \ (M,[x,y]@env \ ?\') \ ?p(x,y)" for x y using sats_iff_sats_ren[OF f_fm _ _ _ _ ren_type' f_ar ren_action'[rule_format,of _ "fst(x)" x "snd(x)" y],simplified] \env\_\ length_type[OF \env\_\] transitivity[OF _ \A\M\] fst_snd_closed pair_in_M_iff fsats[of "fst(x)" "snd(x)" y,symmetric] fst_abs snd_abs by auto moreover from assms have 3:"x\A \ y\M \ ?p(x,y) \ y = f(fst(x),snd(x))" for x y using fclosed fst_snd_closed pair_in_M_iff fabs transitivity by auto moreover have 4:"\ x . x\A \ \ M" "\ x . x\A \ f(fst(x),snd(x)) \ M" using transitivity[OF _ \A\M\] pair_in_M_iff fclosed fst_snd_closed by simp_all ultimately show ?thesis using Lambda_in_M[unfolded Lambda_in_M_fm_def, of ?\', OF _ _ _ _ _ _ _ phi'_replacement3[unfolded LambdaPair_in_M_fm_def]] \env\_\ \A\_\ by simp qed lemma (in M_ZF1_trans) lam_replacement2_in_ctm : assumes f_fm: "\ \ formula" and f_ar: "arity(\)\ 3 +\<^sub>\ length(env)" and fsats: "\x z r. x\M \ z\M \ r\M \ (M,[x,z,r]@env \ \) \ is_f(x,z,r)" and fabs: "\x z r. x\M \ z\M \ r\M \ is_f(x,z,r) \ r = f(x,z)" and fclosed: "\x z. x\M \ z\M \ f(x,z) \ M" and "env\list(M)" and phi'_replacement3: "\A. A\M \ replacement_assm(M,env@[A],LambdaPair_in_M_fm(\,length(env)))" shows "lam_replacement(##M , \x . f(fst(x),snd(x)))" using LambdaPair_in_M fabs f_ar ord_simp_union transitivity assms fst_snd_closed by (rule_tac lam_replacement_iff_lam_closed[THEN iffD2],simp_all) simple_rename "ren_U" src "[z1,x_P, x_leq, x_o, x_t, z2_c]" tgt "[z2_c,z1,z,x_P, x_leq, x_o, x_t]" simple_rename "ren_V" src "[fz,x_P, x_leq, x_o,x_f, x_t, gz]" tgt "[gz,fz,z,x_P, x_leq, x_o,x_f, x_t]" simple_rename "ren_V3" src "[fz,x_P, x_leq, x_o,x_f, gz, hz]" tgt "[hz,gz,fz,z,x_P, x_leq, x_o,x_f]" lemma separation_sat_after_function_1: assumes "[a,b,c,d]\list(M)" and "\\formula" and "arity(\) \ 6" and f_fm: "f_fm \ formula" and f_ar: "arity(f_fm) \ 6" and fsats: "\ fx x. fx\M \ x\M \ (M,[fx,x]@[a, b, c, d] \ f_fm) \ fx=f(x)" and fclosed: "\x . x\M \ f(x) \ M" and g_fm: "g_fm \ formula" and g_ar: "arity(g_fm) \ 7" and gsats: "\ gx fx x. gx\M \ fx\M \ x\M \ (M,[gx,fx,x]@[a, b, c, d] \ g_fm) \ gx=g(x)" and gclosed: "\x . x\M \ g(x) \ M" shows "separation(##M, \r. M, [f(r), a, b, c, d, g(r)] \ \)" proof - note types = assms(1-4) let ?\="ren(\)`6`7`ren_U_fn" let ?\'="Exists(And(f_fm,Exists(And(g_fm,?\))))" let ?\="\z.[f(z), a, b, c, d, g(z)]" let ?env="[a, b, c, d]" let ?\="\z.[g(z),f(z),z]@?env" note types moreover from this have "arity(\) \ 7" "?\\formula" using ord_simp_union ren_tc ren_U_thm(2)[folded ren_U_fn_def] le_trans[of "arity(\)" 6] by simp_all moreover from calculation have "arity(?\) \ 7" "?\'\formula" using arity_ren ren_U_thm(2)[folded ren_U_fn_def] f_fm g_fm by simp_all moreover from calculation f_ar g_ar f_fm g_fm have "arity(?\') \ 5" using ord_simp_union pred_le arity_type by (simp add:arity) moreover from calculation fclosed gclosed have 0:"(M, [f(z), a, b, c, d, g(z)] \ \) \ (M,?\(z)\ ?\)" if "(##M)(z)" for z using sats_iff_sats_ren[of \ 6 7 _ _ "?\(z)"] ren_U_thm(1)[where A=M,folded ren_U_fn_def] ren_U_thm(2)[folded ren_U_fn_def] that by simp moreover from calculation have 1:"(M,?\(z)\ ?\) \ M,[z]@?env\?\'" if "(##M)(z)" for z using that fsats[OF fclosed[of z],of z] gsats[of "g(z)" "f(z)" z] fclosed gclosed f_fm g_fm proof(rule_tac iffI,simp,rule_tac rev_bexI[where x="f(z)"],simp,(auto)[1]) assume "M, [z] @ [a, b, c, d] \ (\\\f_fm \ (\\\g_fm \ ren(\) ` 6 ` 7 ` ren_U_fn\\)\\)" then have "\xa\M. (M, [xa, z, a, b, c, d] \ f_fm) \ (\x\M. (M, [x, xa, z, a, b, c, d] \ g_fm) \ (M, [x, xa, z, a, b, c, d] \ ren(\) ` 6 ` 7 ` ren_U_fn))" using that calculation by auto then obtain xa x where "x\M" "xa\M" "M, [xa, z, a, b, c, d] \ f_fm" "(M, [x, xa, z, a, b, c, d] \ g_fm)" "(M, [x, xa, z, a, b, c, d] \ ren(\) ` 6 ` 7 ` ren_U_fn)" using that calculation by auto moreover from this have "xa=f(z)" "x=g(z)" using fsats[of xa] gsats[of x xa] that by simp_all ultimately show "M, [g(z), f(z), z] @ [a, b, c, d] \ ren(\) ` 6 ` 7 ` ren_U_fn" by auto qed moreover from calculation have "separation(##M, \z. (M,[z]@?env \ ?\'))" using separation_ax by simp_all ultimately show ?thesis by(rule_tac separation_cong[THEN iffD2,OF iff_trans[OF 0 1]],clarify,force) qed lemma separation_sat_after_function3: assumes "[a, b, c, d]\list(M)" and "\\formula" and "arity(\) \ 7" and f_fm: "f_fm \ formula" and f_ar: "arity(f_fm) \ 6" and fsats: "\ fx x. fx\M \ x\M \ (M,[fx,x]@[a, b, c, d] \ f_fm) \ fx=f(x)" and fclosed: "\x . x\M \ f(x) \ M" and g_fm: "g_fm \ formula" and g_ar: "arity(g_fm) \ 7" and gsats: "\ gx fx x. gx\M \ fx\M \ x\M \ (M,[gx,fx,x]@[a, b, c, d] \ g_fm) \ gx=g(x)" and gclosed: "\x . x\M \ g(x) \ M" and h_fm: "h_fm \ formula" and h_ar: "arity(h_fm) \ 8" and hsats: "\ hx gx fx x. hx\M \ gx\M \ fx\M \ x\M \ (M,[hx,gx,fx,x]@[a, b, c, d] \ h_fm) \ hx=h(x)" and hclosed: "\x . x\M \ h(x) \ M" shows "separation(##M, \r. M, [f(r), a, b, c, d, g(r), h(r)] \ \)" proof - note types = assms(1-3) let ?\="\" let ?\="ren(?\)`7`8`ren_V3_fn" let ?\'="Exists(And(f_fm,Exists(And(g_fm,Exists(And(h_fm,?\))))))" let ?\="\z.[f(z), a, b, c, d,g(z), h(z)]" let ?env="[a, b, c, d]" let ?\="\z.[h(z),g(z),f(z),z]@?env" note types moreover from this have "?\\formula" by simp moreover from calculation have "arity(?\) \ 9" "?\\formula" using ord_simp_union ren_tc ren_V3_thm(2)[folded ren_V3_fn_def] le_trans[of "arity(\)" 7] by simp_all moreover from calculation have "arity(?\) \ 8" "?\'\formula" using arity_ren ren_V3_thm(2)[folded ren_V3_fn_def] f_fm g_fm h_fm by (simp_all) moreover from this f_ar g_ar f_fm g_fm h_fm h_ar \?\'\_\ have "arity(?\') \ 5" using ord_simp_union arity_type nat_into_Ord by (simp add:arity,(rule_tac pred_le,simp,rule_tac Un_le,simp)+,simp_all add: \?\\_\) moreover from calculation fclosed gclosed hclosed have 0:"(M, ?\(z) \ ?\) \ (M,?\(z)\ ?\)" if "(##M)(z)" for z using sats_iff_sats_ren[of ?\ 7 8 "?\(z)" M "?\(z)"] ren_V3_thm(1)[where A=M,folded ren_V3_fn_def,simplified] ren_V3_thm(2)[folded ren_V3_fn_def] that by simp moreover from calculation have 1:"(M,?\(z)\ ?\) \ M,[z]@?env\?\'" if "(##M)(z)" for z using that fsats[OF fclosed[of z],of z] gsats[of "g(z)" "f(z)" z] hsats[of "h(z)" "g(z)" "f(z)" z] fclosed gclosed hclosed f_fm g_fm h_fm apply(rule_tac iffI,simp,rule_tac rev_bexI[where x="f(z)"],simp) apply(rule_tac conjI,simp,rule_tac rev_bexI[where x="g(z)"],simp) apply(rule_tac conjI,simp,rule_tac rev_bexI[where x="h(z)"],simp,rule_tac conjI,simp,simp) proof - assume "M, [z] @ [a, b, c, d] \ (\\\f_fm \ (\\\g_fm \ (\\\h_fm \ ren(\) ` 7 ` 8 ` ren_V3_fn\\)\\)\\)" with calculation that have "\x\M. (M, [x, z, a, b, c, d] \ f_fm) \ (\xa\M. (M, [xa, x, z, a, b, c, d] \ g_fm) \ (\xb\M. (M, [xb, xa, x, z, a, b, c, d] \ h_fm) \ (M, [xb, xa, x, z, a, b, c, d] \ ren(\) ` 7 ` 8 ` ren_V3_fn)))" by auto with calculation obtain x where "x\M" "(M, [x, z, a, b, c, d] \ f_fm)" "(\xa\M. (M, [xa, x, z, a, b, c, d] \ g_fm) \ (\xb\M. (M, [xb, xa, x, z, a, b, c, d] \ h_fm) \ (M, [xb, xa, x, z, a, b, c, d] \ ren(\) ` 7 ` 8 ` ren_V3_fn)))" by force moreover from this have "x=f(z)" using fsats[of x] that by simp moreover from calculation obtain xa where "xa\M" "(M, [xa, x, z, a, b, c, d] \ g_fm)" "(\xb\M. (M, [xb, xa, x, z, a, b, c, d] \ h_fm) \ (M, [xb, xa, x, z, a, b, c, d] \ ren(\) ` 7 ` 8 ` ren_V3_fn))" by auto moreover from calculation have "xa=g(z)" using gsats[of xa x] that by simp moreover from calculation obtain xb where "xb\M" "(M, [xb, xa, x, z, a, b, c, d] \ h_fm)" "(M, [xb, xa, x, z, a, b, c, d] \ ren(\) ` 7 ` 8 ` ren_V3_fn)" by auto moreover from calculation have "xb=h(z)" using hsats[of xb xa x] that by simp ultimately show "M, [h(z), g(z), f(z), z] @ [a, b, c, d] \ ren(\) ` 7 ` 8 ` ren_V3_fn" by auto qed moreover from calculation \?\'\_\ have "separation(##M, \z. (M,[z]@?env \ ?\'))" using separation_ax by simp ultimately show ?thesis by(rule_tac separation_cong[THEN iffD2,OF iff_trans[OF 0 1]],clarify,force) qed lemma separation_sat_after_function: assumes "[a, b, c, d, \]\list(M)" and "\\formula" and "arity(\) \ 7" and f_fm: "f_fm \ formula" and f_ar: "arity(f_fm) \ 7" and fsats: "\ fx x. fx\M \ x\M \ (M,[fx,x]@[a, b, c, d, \] \ f_fm) \ fx=f(x)" and fclosed: "\x . x\M \ f(x) \ M" and g_fm: "g_fm \ formula" and g_ar: "arity(g_fm) \ 8" and gsats: "\ gx fx x. gx\M \ fx\M \ x\M \ (M,[gx,fx,x]@[a, b, c, d, \] \ g_fm) \ gx=g(x)" and gclosed: "\x . x\M \ g(x) \ M" shows "separation(##M, \r. M, [f(r), a, b, c, d, \, g(r)] \ \)" proof - note types = assms(1-3) let ?\="\" let ?\="ren(?\)`7`8`ren_V_fn" let ?\'="Exists(And(f_fm,Exists(And(g_fm,?\))))" let ?\="\z.[f(z), a, b, c, d, \, g(z)]" let ?env="[a, b, c, d, \]" let ?\="\z.[g(z),f(z),z]@?env" note types moreover from this have "?\\formula" by simp moreover from calculation have "arity(?\) \ 8" "?\\formula" using ord_simp_union ren_tc ren_V_thm(2)[folded ren_V_fn_def] le_trans[of "arity(\)" 7] by simp_all moreover from calculation have "arity(?\) \ 8" "?\'\formula" using arity_ren ren_V_thm(2)[folded ren_V_fn_def] f_fm g_fm by (simp_all) moreover from calculation f_ar g_ar f_fm g_fm have "arity(?\') \ 6" using ord_simp_union pred_le arity_type by (simp add:arity) moreover from calculation fclosed gclosed have 0:"(M, ?\(z) \ ?\) \ (M,?\(z)\ ?\)" if "(##M)(z)" for z using sats_iff_sats_ren[of ?\ 7 8 "?\(z)" _ "?\(z)"] ren_V_thm(1)[where A=M,folded ren_V_fn_def] ren_V_thm(2)[folded ren_V_fn_def] that by simp moreover from calculation have 1:"(M,?\(z)\ ?\) \ M,[z]@?env\?\'" if "(##M)(z)" for z using that fsats[OF fclosed[of z],of z] gsats[of "g(z)" "f(z)" z] fclosed gclosed f_fm g_fm apply(rule_tac iffI,simp,rule_tac rev_bexI[where x="f(z)"],simp) apply(auto)[1] proof - assume "M, [z] @ [a, b, c, d, \] \ (\\\f_fm \ (\\\g_fm \ ren(\) ` 7 ` 8 ` ren_V_fn\\)\\)" then have "\xa\M. (M, [xa, z, a, b, c, d, \] \ f_fm) \ (\x\M. (M, [x, xa, z, a, b, c, d, \] \ g_fm) \ (M, [x, xa, z, a, b, c, d, \] \ ren(\) ` 7 ` 8 ` ren_V_fn))" using that calculation by auto then obtain xa where "xa\M" "M, [xa, z, a, b, c, d, \] \ f_fm" "(\x\M. (M, [x, xa, z, a, b, c, d, \] \ g_fm) \ (M, [x, xa, z, a, b, c, d, \] \ ren(\) ` 7 ` 8 ` ren_V_fn))" by auto moreover from this have "xa=f(z)" using fsats[of xa] that by simp moreover from calculation obtain x where "x\M" "M, [x, xa, z, a, b, c, d, \] \ g_fm" "M, [x, xa, z, a, b, c, d, \] \ ren(\) ` 7 ` 8 ` ren_V_fn" by auto moreover from calculation have "x=g(z)" using gsats[of x xa] that by simp ultimately show "M, [g(z), f(z), z] @ [a, b, c, d, \] \ ren(\) ` 7 ` 8 ` ren_V_fn" by auto qed moreover from calculation have "separation(##M, \z. (M,[z]@?env \ ?\'))" using separation_ax by simp_all ultimately show ?thesis by(rule_tac separation_cong[THEN iffD2,OF iff_trans[OF 0 1]],clarify,force) qed end definition separation_assm_fm :: "[i,i,i] \ i" where "separation_assm_fm(A,x,f_fm) \ (\\ (\\ \\0 \ A +\<^sub>\ 2\ \ \\\0,1\ is x+\<^sub>\ 2 \ \ f_fm \\\)\)" lemma separation_assm_fm_type[TC]: "A \ \ \ y \ \ \ f_fm \ formula \ separation_assm_fm(A, y,f_fm) \ formula" unfolding separation_assm_fm_def by simp lemma arity_separation_assm_fm : "A \ \ \ x \ \ \ f_fm \ formula \ arity(separation_assm_fm(A, x, f_fm)) = succ(A) \ succ(x) \ pred(pred(arity(f_fm)))" using pred_Un_distrib unfolding separation_assm_fm_def by (auto simp add:arity) definition separation_assm_bin_fm where "separation_assm_bin_fm(A,y,f_fm) \ (\\(\\(\\(\\(\(\\3 \ A +\<^sub>\ 4\ \ \\3,2\ is y +\<^sub>\ 4\\ ) \ \f_fm \ \ \fst(3) is 0 \ \ \snd(3) is 1\\\\ ) \)\)\)\) " lemma separation_assm_bin_fm_type[TC]: "A \ \ \ y \ \ \ f_fm \ formula \ separation_assm_bin_fm(A, y,f_fm) \ formula" unfolding separation_assm_bin_fm_def by simp lemma arity_separation_assm_bin_fm : "A \ \ \ x \ \ \ f_fm \ formula \ arity(separation_assm_bin_fm(A, x, f_fm)) = succ(A) \ succ(x) \ (pred^4(arity(f_fm)))" using pred_Un_distrib unfolding separation_assm_bin_fm_def by (auto simp add:arity) context M_Z_trans begin lemma separation_assm_sats : assumes f_fm: "\ \ formula" and f_ar: "arity(\) = 2" and fsats: "\env x y. env\list(M) \ x\M \ y\M \ (M,[x,y]@env \ \) \ is_f(x,y)" and fabs: "\x y. x\M \ y\M \ is_f(x,y) \ y = f(x)" and fclosed: "\x. x\M \ f(x) \ M" and "A\M" shows "separation(##M, \y. \x \ M . x\A \ y = \x, f(x)\)" proof - let ?\'="separation_assm_fm(1,0,\)" let ?p="\y. \x\M . x\A \ y = \x, f(x)\" from f_fm have "?\'\formula" by simp moreover from this f_ar f_fm have "arity(?\') = 2" using arity_separation_assm_fm[of 1 0 \] ord_simp_union by simp moreover from \A\M\ calculation have "separation(##M,\y . M,[y,A] \ ?\')" using separation_ax by auto moreover have "y\M \ (M,[y,A] \ ?\') \ ?p(y)" for y using assms transitivity[OF _ \A\M\] unfolding separation_assm_fm_def by auto ultimately show ?thesis by(rule_tac separation_cong[THEN iffD1],auto) qed lemma separation_assm_bin_sats : assumes f_fm: "\ \ formula" and f_ar: "arity(\) = 3" and fsats: "\env x z y. env\list(M) \ x\M \ z\M \ y\M \ (M,[x,z,y]@env \ \) \ is_f(x,z,y)" and fabs: "\x z y. x\M \ z\M \ y\M \ is_f(x,z,y) \ y = f(x,z)" and fclosed: "\x z . x\M \ z\M \ f(x,z) \ M" and "A\M" shows "separation(##M, \y. \x \ M . x\A \ y = \x, f(fst(x),snd(x))\)" proof - let ?\'="separation_assm_bin_fm(1,0,\)" let ?p="\y. \x\M . x\A \ y = \x, f(fst(x),snd(x))\" from f_fm have "?\'\formula" by simp moreover from this f_ar f_fm have "arity(?\') = 2" using arity_separation_assm_bin_fm[of 1 0 \] ord_simp_union by simp moreover from \A\M\ calculation have "separation(##M,\y . M,[y,A] \ ?\')" using separation_ax by auto moreover have "y\M \ (M,[y,A] \ ?\') \ ?p(y)" for y using assms transitivity[OF _ \A\M\] pair_in_M_iff fst_abs snd_abs fst_closed snd_closed unfolding separation_assm_bin_fm_def by auto ultimately show ?thesis by(rule_tac separation_cong[THEN iffD1],auto) qed lemma separation_Union: "A\M \ separation(##M, \y. \x \ M . x\A \ y = \x, Union(x)\)" using separation_assm_sats[of "big_union_fm(0,1)"] arity_big_union_fm ord_simp_union Union_closed[simplified] by simp lemma lam_replacement_Union: "lam_replacement(##M, Union)" using lam_replacement_Union' separation_Union transM by simp lemma separation_fst: "A\M \ separation(##M, \y. \x \ M . x\A \ y = \x, fst(x)\)" using separation_assm_sats[of "fst_fm(0,1)"] arity_fst_fm ord_simp_union fst_closed fst_abs by simp lemma lam_replacement_fst: "lam_replacement(##M, fst)" using lam_replacement_fst' separation_fst transM by simp lemma separation_snd: "A\M \ separation(##M, \y. \x \ M . x\A \ y = \x, snd(x)\)" using separation_assm_sats[of "snd_fm(0,1)"] arity_snd_fm ord_simp_union snd_closed[simplified] snd_abs by simp lemma lam_replacement_snd: "lam_replacement(##M, snd)" using lam_replacement_snd' separation_snd transM by simp text\Binary lambda-replacements\ lemma separation_Image: "A\M \ separation(##M, \y. \x\M. x \ A \ y = \x, fst(x) `` snd(x)\)" using arity_image_fm ord_simp_union nonempty image_closed image_abs by (rule_tac separation_assm_bin_sats[of "image_fm(0,1,2)"],auto) lemma lam_replacement_Image: "lam_replacement(##M, \x . fst(x) `` snd(x))" using lam_replacement_Image' separation_Image by simp lemma separation_middle_del: "A\M \ separation(##M, \y. \x\M. x \ A \ y = \x, middle_del(fst(x), snd(x))\)" using arity_is_middle_del_fm ord_simp_union nonempty fst_abs snd_abs fst_closed snd_closed pair_in_M_iff by (rule_tac separation_assm_bin_sats[of "is_middle_del_fm(0,1,2)"], auto simp:is_middle_del_def middle_del_def) lemma lam_replacement_middle_del: "lam_replacement(##M, \r . middle_del(fst(r),snd(r)))" using lam_replacement_middle_del' separation_middle_del by simp lemma separation_prodRepl: "A\M \ separation(##M, \y. \x\M. x \ A \ y = \x, prodRepl(fst(x), snd(x))\)" using arity_is_prodRepl_fm ord_simp_union nonempty fst_abs snd_abs fst_closed snd_closed pair_in_M_iff by (rule_tac separation_assm_bin_sats[of "is_prodRepl_fm(0,1,2)"], auto simp:is_prodRepl_def prodRepl_def) lemma lam_replacement_prodRepl: "lam_replacement(##M, \r . prodRepl(fst(r),snd(r)))" using lam_replacement_prodRepl' separation_prodRepl by simp end \ \\<^locale>\M_Z_trans\\ context M_trivial begin lemma first_closed: "M(B) \ M(r) \ first(u,r,B) \ M(u)" using transM[OF first_is_elem] by simp is_iff_rel for "first" unfolding is_first_def first_rel_def by auto is_iff_rel for "minimum" unfolding is_minimum_def minimum_rel_def using is_first_iff The_abs nonempty by force end \ \\<^locale>\M_trivial\\ context M_Z_trans begin lemma (in M_basic) is_minimum_equivalence : "M(R) \ M(X) \ M(u) \ is_minimum(M,R,X,u) \ is_minimum'(M,R,X,u)" unfolding is_minimum_def is_minimum'_def is_The_def is_first_def by simp lemma separation_minimum: "A\M \ separation(##M, \y. \x\M. x \ A \ y = \x, minimum(fst(x), snd(x))\)" using arity_minimum_fm ord_simp_union is_minimum_iff minimum_abs is_minimum_equivalence nonempty minimum_closed minimum_abs by (rule_tac separation_assm_bin_sats[of "minimum_fm(0,1,2)"], auto) lemma lam_replacement_minimum: "lam_replacement(##M, \x . minimum(fst(x),snd(x)))" using lam_replacement_minimum' separation_minimum by simp end \ \\<^locale>\M_Z_trans\\ end \ No newline at end of file diff --git a/thys/Independence_CH/Kappa_Closed_Notions.thy b/thys/Independence_CH/Kappa_Closed_Notions.thy --- a/thys/Independence_CH/Kappa_Closed_Notions.thy +++ b/thys/Independence_CH/Kappa_Closed_Notions.thy @@ -1,723 +1,723 @@ section\Preservation results for $\kappa$-closed forcing notions\ theory Kappa_Closed_Notions imports Not_CH begin definition lerel :: "i\i" where "lerel(\) \ Memrel(\) \ id(\)" lemma lerelI[intro!]: "x\y \ y\\ \ Ord(\) \ \x,y\ \ lerel(\)" using Ord_trans[of x y \] ltD unfolding lerel_def by auto lemma lerelD[dest]: "\x,y\ \ lerel(\) \ Ord(\) \ x\y" using ltI[THEN leI] Ord_in_Ord unfolding lerel_def by auto definition mono_seqspace :: "[i,i,i] \ i" (\_ \<^sub><\ '(_,_')\ [61] 60) where "\ \<^sub><\ (P,leq) \ mono_map(\,Memrel(\),P,leq)" relativize functional "mono_seqspace" "mono_seqspace_rel" relationalize "mono_seqspace_rel" "is_mono_seqspace" synthesize "is_mono_seqspace" from_definition assuming "nonempty" context M_ZF_library begin rel_closed for "mono_seqspace" unfolding mono_seqspace_rel_def mono_map_rel_def using separation_closed separation_ball separation_imp separation_in lam_replacement_fst lam_replacement_snd lam_replacement_hcomp lam_replacement_constant lam_replacement_product lam_replacement_apply2[THEN[5] lam_replacement_hcomp2] by simp_all end \ \\<^locale>\M_ZF_library\\ abbreviation mono_seqspace_r (\_ \<^sub><\\<^bsup>_\<^esup> '(_,_')\ [61] 60) where "\ \<^sub><\\<^bsup>M\<^esup> (P,leq) \ mono_seqspace_rel(M,\,P,leq)" abbreviation mono_seqspace_r_set (\_ \<^sub><\\<^bsup>_\<^esup> '(_,_')\ [61] 60) where "\ \<^sub><\\<^bsup>M\<^esup> (P,leq) \ mono_seqspace_rel(##M,\,P,leq)" lemma mono_seqspaceI[intro!]: includes mono_map_rules assumes "f: A\P" "\x y. x\A \ y\A \ x \f`x, f`y\ \ leq" "Ord(A)" shows "f: A \<^sub><\ (P,leq)" using ltI[OF _ Ord_in_Ord[of A], THEN [3] assms(2)] assms(1,3) unfolding mono_seqspace_def by auto lemma (in M_ZF_library) mono_seqspace_rel_char: assumes "M(A)" "M(P)" "M(leq)" shows "A \<^sub><\\<^bsup>M\<^esup> (P,leq) = {f\A \<^sub><\ (P,leq). M(f)}" using assms mono_map_rel_char unfolding mono_seqspace_def mono_seqspace_rel_def by simp lemma (in M_ZF_library) mono_seqspace_relI[intro!]: assumes "f: A\\<^bsup>M\<^esup> P" "\x y. x\A \ y\A \ x \f`x, f`y\ \ leq" "Ord(A)" "M(A)" "M(P)" "M(leq)" shows "f: A \<^sub><\\<^bsup>M\<^esup> (P,leq)" using mono_seqspace_rel_char function_space_rel_char assms by auto lemma mono_seqspace_is_fun[dest]: includes mono_map_rules shows "j: A \<^sub><\ (P,leq) \ j: A\ P" unfolding mono_seqspace_def by auto lemma mono_map_lt_le_is_mono[dest]: includes mono_map_rules assumes "j: A \<^sub><\ (P,leq)" "a\A" "c\A" "a\c" "Ord(A)" "refl(P,leq)" shows "\j`a,j`c\ \ leq" using assms mono_map_increasing unfolding mono_seqspace_def refl_def by (cases "a=c") (auto dest:ltD) lemma (in M_ZF_library) mem_mono_seqspace_abs[absolut]: assumes "M(f)" "M(A)" "M(P)" "M(leq)" shows "f:A \<^sub><\\<^bsup>M\<^esup> (P,leq) \ f: A \<^sub><\ (P,leq)" using assms mono_map_rel_char unfolding mono_seqspace_def mono_seqspace_rel_def by (simp) definition mono_map_lt_le :: "[i,i] \ i" (infixr \\<^sub><\\<^sub>\\ 60) where "\ \<^sub><\\<^sub>\ \ \ \ \<^sub><\ (\,lerel(\))" lemma mono_map_lt_leI[intro!]: includes mono_map_rules assumes "f: A\B" "\x y. x\A \ y\A \ x f`x \ f`y" "Ord(A)" "Ord(B)" shows "f: A \<^sub><\\<^sub>\ B" using assms unfolding mono_map_lt_le_def by auto \ \Kunen IV.7.13, with “$\kappa$” in place of “$\lambda$”\ definition kappa_closed :: "[i,i,i] \ o" (\_-closed'(_,_')\) where "\-closed(P,leq) \ \\. \<\ \ (\f\\ \<^sub><\ (P,converse(leq)). \q\P. \\\\. \q,f`\\\leq)" relativize functional "kappa_closed" "kappa_closed_rel" relationalize "kappa_closed_rel" "is_kappa_closed" synthesize "is_kappa_closed" from_definition assuming "nonempty" abbreviation kappa_closed_r (\_-closed\<^bsup>_\<^esup>'(_,_')\ [61] 60) where "\-closed\<^bsup>M\<^esup>(P,leq) \ kappa_closed_rel(M,\,P,leq)" abbreviation kappa_closed_r_set (\_-closed\<^bsup>_\<^esup>'(_,_')\ [61] 60) where "\-closed\<^bsup>M\<^esup>(P,leq) \ kappa_closed_rel(##M,\,P,leq)" lemma (in forcing_data3) forcing_a_value: assumes "p \ \0:1\2\ [f_dot, A\<^sup>v, B\<^sup>v]" "a \ A" - "q \ p" "q \ P" "p\P" "f_dot \ M" "A\M" "B\M" - shows "\d\P. \b\B. d \ q \ d \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v]" + "q \ p" "q \ \" "p\\" "f_dot \ M" "A\M" "B\M" + shows "\d\\. \b\B. d \ q \ d \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v]" (* \ \Old neater version, but harder to use (without the assumptions on \<^term>\q\):\ - "dense_below({q \ P. \b\B. q \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v]}, p)" *) + "dense_below({q \ \. \b\B. q \ \0`1 is 2\ [f_dot, a\<^sup>v, b\<^sup>v]}, p)" *) proof - from assms have "q \ \0:1\2\ [f_dot, A\<^sup>v, B\<^sup>v]" using strengthening_lemma[of p "\0:1\2\" q "[f_dot, A\<^sup>v, B\<^sup>v]"] typed_function_type arity_typed_function_fm by (auto simp: union_abs2 union_abs1) from \a\A\ \A\M\ have "a\M" by (auto dest:transitivity) - from \q\P\ + from \q\\\ text\Here we're using countability (via the existence of generic filters) of \<^term>\M\ as a shortcut, to avoid a further density argument.\ obtain G where "M_generic(G)" "q\G" using generic_filter_existence by blast then interpret G_generic3_AC _ _ _ _ _ G by unfold_locales include G_generic1_lemmas note \q\G\ moreover note \q \ \0:1\2\ [f_dot, A\<^sup>v, B\<^sup>v]\ \M_generic(G)\ moreover - note \q\P\ \f_dot\M\ \B\M\ \A\M\ + note \q\\\ \f_dot\M\ \B\M\ \A\M\ moreover from this have "map(val( G), [f_dot, A\<^sup>v, B\<^sup>v]) \ list(M[G])" by simp moreover from calculation have "val(G,f_dot) : A \\<^bsup>M[G]\<^esup> B" using truth_lemma[of "\0:1\2\" "[f_dot, A\<^sup>v, B\<^sup>v]", THEN iffD1] typed_function_type arity_typed_function_fm val_check[OF one_in_G one_in_P] by (auto simp: union_abs2 union_abs1 ext.mem_function_space_rel_abs) moreover note \a \ M\ moreover from calculation and \a\A\ have "val(G,f_dot) ` a \ B" (is "?b \ B") by (simp add: ext.mem_function_space_rel_abs) moreover from calculation have "?b \ M" by (auto dest:transitivity) moreover from calculation have "M[G], map(val(G), [f_dot, a\<^sup>v, ?b\<^sup>v]) \ \0`1 is 2\" by simp ultimately - obtain r where "r \ \0`1 is 2\ [f_dot, a\<^sup>v, ?b\<^sup>v]" "r\G" "r\P" + obtain r where "r \ \0`1 is 2\ [f_dot, a\<^sup>v, ?b\<^sup>v]" "r\G" "r\\" using truth_lemma[of "\0`1 is 2\" "[f_dot, a\<^sup>v, ?b\<^sup>v]", THEN iffD2] fun_apply_type arity_fun_apply_fm val_check[OF one_in_G one_in_P] G_subset_P by (auto simp: union_abs2 union_abs1 ext.mem_function_space_rel_abs) moreover from this and \q\G\ - obtain d where "d\q" "d\r" "d\P" by force + obtain d where "d\q" "d\r" "d\\" by force moreover note \f_dot\M\ \a\M\ \?b\B\ \B\M\ moreover from calculation have "d \ q \ d \ \0`1 is 2\ [f_dot, a\<^sup>v, ?b\<^sup>v]" using fun_apply_type arity_fun_apply_fm strengthening_lemma[of r "\0`1 is 2\" d "[f_dot, a\<^sup>v, ?b\<^sup>v]"] by (auto dest:transitivity simp add: union_abs2 union_abs1) ultimately show ?thesis by auto qed locale M_master_CH = M_master + M_library_DC sublocale M_ZFC2_ground_CH_trans \ M_master_CH "##M" using replacement_dcwit_repl_body by unfold_locales (simp_all add:sep_instances del:setclass_iff add: transrec_replacement_def wfrec_replacement_def dcwit_repl_body_def) context G_generic3_AC_CH begin context includes G_generic1_lemmas begin lemma separation_check_snd_aux: assumes "f_dot\M" "\\M" "\\formula" "arity(\) \ 7" - shows "separation(##M, \r. M, [fst(r), P, leq, \, f_dot, \, snd(r)\<^sup>v] \ \)" + shows "separation(##M, \r. M, [fst(r), \, leq, \, f_dot, \, snd(r)\<^sup>v] \ \)" proof - let ?f_fm="fst_fm(1,0)" let ?g_fm="hcomp_fm(check_fm(6),snd_fm,2,0)" note assms moreover have "?f_fm \ formula" "arity(?f_fm) \ 7" "?g_fm \ formula" "arity(?g_fm) \ 8" using ord_simp_union unfolding hcomp_fm_def by (simp_all add:arity) ultimately show ?thesis using separation_sat_after_function using fst_abs snd_abs sats_snd_fm sats_check_fm check_abs unfolding hcomp_fm_def by simp qed lemma separation_check_fst_snd_aux : assumes "f_dot\M" "r\M" "\\formula" "arity(\) \ 7" - shows "separation(##M, \p. M, [r, P, leq, \, f_dot, fst(p)\<^sup>v, snd(p)\<^sup>v] \ \)" + shows "separation(##M, \p. M, [r, \, leq, \, f_dot, fst(p)\<^sup>v, snd(p)\<^sup>v] \ \)" proof - - let ?\="\z. [r, P, leq, \, f_dot, fst(z)\<^sup>v, snd(z)\<^sup>v]" - let ?\'="\z. [fst(z)\<^sup>v, P, leq, \, f_dot, r, snd(z)\<^sup>v]" + let ?\="\z. [r, \, leq, \, f_dot, fst(z)\<^sup>v, snd(z)\<^sup>v]" + let ?\'="\z. [fst(z)\<^sup>v, \, leq, \, f_dot, r, snd(z)\<^sup>v]" let ?\=" (\\(\\(\\(\\(\\(\\\\0 = 11\ \ \\1 = 7\ \ \\2 = 8\ \ \\3 = 9\ \ \\4 = 10\ \ \\5 = 6\ \ (\p. incr_bv(p)`6)^6 (\) \\\\\\\)\)\)\)\)\)" let ?f_fm="hcomp_fm(check_fm(5),fst_fm,1,0)" let ?g_fm="hcomp_fm(check_fm(6),snd_fm,2,0)" note assms moreover have "?f_fm \ formula" "arity(?f_fm) \ 7" "?g_fm \ formula" "arity(?g_fm) \ 8" using ord_simp_union unfolding hcomp_fm_def by (simp_all add:arity) moreover from assms have fm:"?\\formula" by simp moreover from \\ \ formula\ \arity(\) \ 7\ have "arity(\) = 0 \ arity(\) = 1 \ arity(\) = 2 \ arity(\) = 3 \ arity(\) = 4 \ arity(\) = 5 \ arity(\) = 6 \ arity(\) = 7" unfolding lt_def by auto with calculation and \\ \ formula\ have ar:"arity(?\) \ 7" using arity_incr_bv_lemma by safe (simp_all add: arity ord_simp_union) moreover from calculation have sep:"separation(##M,\z. M,?\'(z)\?\)" using separation_sat_after_function sats_check_fm check_abs fst_abs snd_abs unfolding hcomp_fm_def by simp moreover from assms have "?\(z) \ list(M)" if "(##M)(z)" for z using that by simp moreover from calculation and \r \ M\ \\ \ formula\ have "(M,?\(z) \ \) \ (M,?\'(z)\?\)" if "(##M)(z)" for z using that sats_incr_bv_iff[of _ _ M _ "[_,_,_,_,_,_]"] by simp ultimately show ?thesis using separation_cong[THEN iffD1,OF _ sep] by simp qed lemma separation_leq_and_forces_apply_aux: assumes "f_dot\M" "B\M" shows "\n\M. separation(##M, \x. snd(x) \ fst(x) \ - (\b\B. M, [snd(x), P, leq, \, f_dot, (\(n))\<^sup>v, b\<^sup>v] \ forces(\0`1 is 2\ )))" + (\b\B. M, [snd(x), \, leq, \, f_dot, (\(n))\<^sup>v, b\<^sup>v] \ forces(\0`1 is 2\ )))" proof - have pred_nat_closed: "pred(n)\M" if "n\M" for n using nat_case_closed that unfolding pred_def by auto - have "separation(##M, \z. M, [snd(fst(z)), P, leq, \, f_dot, \, snd(z)\<^sup>v] \ \)" + have "separation(##M, \z. M, [snd(fst(z)), \, leq, \, f_dot, \, snd(z)\<^sup>v] \ \)" if "\\formula" "arity(\) \ 7" "\\M" for \ \ proof - let ?f_fm="hcomp_fm(snd_fm,fst_fm,1,0)" let ?g_fm="hcomp_fm(check_fm(6),snd_fm,2,0)" note assms moreover have "?f_fm \ formula" "arity(?f_fm) \ 7" "?g_fm \ formula" "arity(?g_fm) \ 8" using ord_simp_union unfolding hcomp_fm_def by (simp_all add:arity) ultimately show ?thesis using separation_sat_after_function sats_check_fm check_abs fst_abs snd_abs that unfolding hcomp_fm_def by simp qed with assms show ?thesis using separation_in lam_replacement_constant lam_replacement_snd lam_replacement_fst lam_replacement_product pred_nat_closed arity_forces[of " \0`1 is 2\"] arity_fun_apply_fm[of 0 1 2] ord_simp_union by(clarify,rule_tac separation_conj,simp_all,rule_tac separation_bex,simp_all) qed lemma separation_leq_and_forces_apply_aux': assumes "f_dot\M" "p\M" "B\M" shows "separation (##M, \p . snd(snd(p)) \ fst(snd(p)) \ - (\b\B. M, [snd(snd(p)), P, leq, \, f_dot, (\fst(p))\<^sup>v, b\<^sup>v] \ forces(\0`1 is 2\ )))" + (\b\B. M, [snd(snd(p)), \, leq, \, f_dot, (\fst(p))\<^sup>v, b\<^sup>v] \ forces(\0`1 is 2\ )))" proof - - have "separation(##M, \z. M, [snd(snd(fst(z))), P, leq, \, f_dot, (\fst(fst(z)))\<^sup>v, snd(z)\<^sup>v] \ \)" + have "separation(##M, \z. M, [snd(snd(fst(z))), \, leq, \, f_dot, (\fst(fst(z)))\<^sup>v, snd(z)\<^sup>v] \ \)" if "\\formula" "arity(\) \ 7" for \ proof - let ?f_fm="hcomp_fm(snd_fm,hcomp_fm(snd_fm,fst_fm),1,0)" let ?g="\z . (\(fst(fst(z))))\<^sup>v" let ?g_fm="hcomp_fm(check_fm(6),hcomp_fm(big_union_fm,hcomp_fm(fst_fm,fst_fm)),2,0)" let ?h_fm="hcomp_fm(check_fm(7),snd_fm,3,0)" note assms moreover have f_fm_facts:"?f_fm \ formula" "arity(?f_fm) \ 6" using ord_simp_union unfolding hcomp_fm_def by (simp_all add:arity) moreover from assms have "?g_fm \ formula" "arity(?g_fm) \ 7" "?h_fm \ formula" "arity(?h_fm) \ 8" using ord_simp_union unfolding hcomp_fm_def by (simp_all add:arity) ultimately show ?thesis using separation_sat_after_function3[OF _ _ _ f_fm_facts] check_abs sats_check_fm that fst_abs snd_abs sats_fst_fm sats_snd_fm unfolding hcomp_fm_def by simp qed with assms show ?thesis using separation_conj separation_bex lam_replacement_constant lam_replacement_hcomp lam_replacement_fst lam_replacement_snd arity_forces[of " \0`1 is 2\"] arity_fun_apply_fm[of 0 1 2] ord_simp_union separation_in[OF _ lam_replacement_product] by simp qed lemma separation_closed_leq_and_forces_eq_check_aux : assumes "A\M" "r\G" "\ \ M" - shows "(##M)({q\P. \h\A. q \ r \ q \ \0 = 1\ [\, h\<^sup>v]})" + shows "(##M)({q\\. \h\A. q \ r \ q \ \0 = 1\ [\, h\<^sup>v]})" proof - - have "separation(##M, \z. M, [fst(z), P, leq, \, \, snd(z)\<^sup>v] \ \)" if + have "separation(##M, \z. M, [fst(z), \, leq, \, \, snd(z)\<^sup>v] \ \)" if "\\formula" "arity(\) \ 6" for \ proof - let ?f_fm="fst_fm(1,0)" let ?g_fm="hcomp_fm(check_fm(6),snd_fm,2,0)" note assms moreover have "?f_fm \ formula" "arity(?f_fm) \ 6" "?g_fm \ formula" "arity(?g_fm) \ 7" using ord_simp_union unfolding hcomp_fm_def by (simp_all add:arity) ultimately show ?thesis using separation_sat_after_function_1 sats_fst_fm that fst_abs snd_abs sats_snd_fm sats_check_fm check_abs unfolding hcomp_fm_def by simp qed with assms show ?thesis using separation_conj separation_in G_subset_M[THEN subsetD] lam_replacement_constant lam_replacement_fst lam_replacement_product arity_forces[of "\0 = 1\",simplified] ord_simp_union by(rule_tac separation_closed[OF separation_bex],simp_all) qed lemma separation_closed_forces_apply_aux: assumes "B\M" "f_dot\M" "r\M" shows "(##M)({\n,b\ \ \ \ B. r \ \0`1 is 2\ [f_dot, n\<^sup>v, b\<^sup>v]})" using nat_in_M assms transitivity[OF _ \B\M\] nat_into_M separation_check_fst_snd_aux arity_forces[of " \0`1 is 2\"] arity_fun_apply_fm[of 0 1 2] ord_simp_union unfolding split_def by simp_all \ \Kunen IV.6.9 (3)$\Rightarrow$(2), with general domain.\ lemma kunen_IV_6_9_function_space_rel_eq: - assumes "\p \. p \ \0:1\2\ [\, A\<^sup>v, B\<^sup>v] \ p\P \ \ \ M \ - \q\P. \h\A \\<^bsup>M\<^esup> B. q \ p \ q \ \0 = 1\ [\, h\<^sup>v]" "A\M" "B\M" + assumes "\p \. p \ \0:1\2\ [\, A\<^sup>v, B\<^sup>v] \ p\\ \ \ \ M \ + \q\\. \h\A \\<^bsup>M\<^esup> B. q \ p \ q \ \0 = 1\ [\, h\<^sup>v]" "A\M" "B\M" shows "A \\<^bsup>M\<^esup> B = A \\<^bsup>M[G]\<^esup> B" proof (intro equalityI; clarsimp simp add: assms function_space_rel_char ext.function_space_rel_char) fix f assume "f \ A \ B" "f \ M[G]" moreover from this obtain \ where "val(G,\) = f" "\ \ M" using GenExtD by force moreover from calculation and \A\M\ \B\M\ obtain r where "r \ \0:1\2\ [\, A\<^sup>v, B\<^sup>v]" "r\G" using truth_lemma[of "\0:1\2\" "[\, A\<^sup>v, B\<^sup>v]"] typed_function_type arity_typed_function_fm val_check[OF one_in_G one_in_P] by (auto simp: union_abs2 union_abs1) moreover from \A\M\ \B\M\ \r\G\ \\ \ M\ - have "{q\P. \h\A \\<^bsup>M\<^esup> B. q \ r \ q \ \0 = 1\ [\, h\<^sup>v]} \ M" (is "?D \ M") + have "{q\\. \h\A \\<^bsup>M\<^esup> B. q \ r \ q \ \0 = 1\ [\, h\<^sup>v]} \ M" (is "?D \ M") using separation_closed_leq_and_forces_eq_check_aux by auto moreover from calculation and assms(2-) have "dense_below(?D, r)" using strengthening_lemma[of r "\0:1\2\" _ "[\, A\<^sup>v, B\<^sup>v]", THEN assms(1)[of _ \]] leq_transD generic_dests(1)[of r] by (auto simp: union_abs2 union_abs1 typed_function_type arity_typed_function_fm) blast moreover from calculation - obtain q h where "h\A \\<^bsup>M\<^esup> B" "q \ \0 = 1\ [\, h\<^sup>v]" "q \ r" "q\P" "q\G" + obtain q h where "h\A \\<^bsup>M\<^esup> B" "q \ \0 = 1\ [\, h\<^sup>v]" "q \ r" "q\\" "q\G" using generic_inter_dense_below[of ?D r] by blast note \q \ \0 = 1\ [\, h\<^sup>v]\ \\\M\ \h\A \\<^bsup>M\<^esup> B\ \A\M\ \B\M\ \q\G\ moreover from this have "map(val(G), [\, h\<^sup>v]) \ list(M[G])" "h\M" by (auto dest:transitivity) ultimately have "h = f" using truth_lemma[of "\0=1\" "[\, h\<^sup>v]"] val_check[OF one_in_G one_in_P] by (auto simp: ord_simp_union) with \h\M\ show "f \ M" by simp qed subsection\$(\omega+1)$-Closed notions preserve countable sequences\ \ \Kunen IV.7.15, only for countable sequences\ lemma succ_omega_closed_imp_no_new_nat_sequences: - assumes "succ(\)-closed\<^bsup>M\<^esup>(P,leq)" "f : \ \ B" "f\M[G]" "B\M" + assumes "succ(\)-closed\<^bsup>M\<^esup>(\,leq)" "f : \ \ B" "f\M[G]" "B\M" shows "f\M" proof - (* Nice jEdit folding level to read this: 7 *) text\The next long block proves that the assumptions of Lemma @{thm [source] kunen_IV_6_9_function_space_rel_eq} are satisfied.\ { fix p f_dot - assume "p \ \0:1\2\ [f_dot, \\<^sup>v, B\<^sup>v]" "p\P" "f_dot\M" - let ?subp="{q\P. q \ p}" - from \p\P\ + assume "p \ \0:1\2\ [f_dot, \\<^sup>v, B\<^sup>v]" "p\\" "f_dot\M" + let ?subp="{q\\. q \ p}" + from \p\\\ have "?subp \ M" - using first_section_closed[of P p "converse(leq)"] + using first_section_closed[of \ p "converse(leq)"] by (auto dest:transitivity) define S where "S \ \n\nat. {\q,r\ \ ?subp\?subp. r \ q \ (\b\B. r \ \0`1 is 2\ [f_dot, (\(n))\<^sup>v, b\<^sup>v])}" (is "S \ \n\nat. ?Y(n)") define S' where "S' \ \n\nat. {\q,r\ \ ?subp\?subp. r \ q \ (\b\B. r \ \0`1 is 2\ [f_dot, (pred(n))\<^sup>v, b\<^sup>v])}" \ \Towards proving \<^term>\S\M\.\ moreover have "S = S'" unfolding S_def S'_def using pred_nat_eq lam_cong by auto moreover from \B\M\ \?subp\M\ \f_dot\M\ have "{r \ ?subp. \b\B. r \ \0`1 is 2\ [f_dot, (\(n))\<^sup>v, b\<^sup>v]} \ M" (is "?X(n) \ M") if "n\\" for n using that separation_check_snd_aux nat_into_M ord_simp_union arity_forces[of " \0`1 is 2\"] arity_fun_apply_fm by(rule_tac separation_closed[OF separation_bex,simplified], simp_all) moreover have "?Y(n) = (?subp \ ?X(n)) \ converse(leq)" for n by (intro equalityI) auto moreover - note \?subp \ M\ \B\M\ \p\P\ \f_dot\M\ + note \?subp \ M\ \B\M\ \p\\\ \f_dot\M\ moreover from calculation have "n \ \ \ ?Y(n) \ M" for n using nat_into_M by simp moreover from calculation have "S \ M" using separation_leq_and_forces_apply_aux separation_leq_and_forces_apply_aux' - transitivity[OF \p\P\] + transitivity[OF \p\\\] unfolding S_def split_def by(rule_tac lam_replacement_Collect'[THEN lam_replacement_imp_lam_closed,simplified], simp_all) ultimately have "S' \ M" by simp - from \p\P\ \f_dot\M\ \p \ \0:1\2\ [f_dot, \\<^sup>v, B\<^sup>v]\ \B\M\ - have exr:"\r\P. r \ q \ (\b\B. r \ \0`1 is 2\ [f_dot, pred(n)\<^sup>v, b\<^sup>v])" - if "q \ p" "q\P" "n\\" for q n + from \p\\\ \f_dot\M\ \p \ \0:1\2\ [f_dot, \\<^sup>v, B\<^sup>v]\ \B\M\ + have exr:"\r\\. r \ q \ (\b\B. r \ \0`1 is 2\ [f_dot, pred(n)\<^sup>v, b\<^sup>v])" + if "q \ p" "q\\" "n\\" for q n using that forcing_a_value by (auto dest:transitivity) have "\q\?subp. \n\\. \r\?subp. \q,r\ \ S'`n" proof - { fix q n assume "q \ ?subp" "n\\" moreover from this - have "q \ p" "q \ P" "pred(n) = \n" + have "q \ p" "q \ \" "pred(n) = \n" using pred_nat_eq by simp_all moreover from calculation and exr - obtain r where MM:"r \ q" "\b\B. r \ \0`1 is 2\ [f_dot, pred(n)\<^sup>v, b\<^sup>v]" "r\P" + obtain r where MM:"r \ q" "\b\B. r \ \0`1 is 2\ [f_dot, pred(n)\<^sup>v, b\<^sup>v]" "r\\" by blast - moreover from calculation \q \ p\ \p \ P\ + moreover from calculation \q \ p\ \p \ \\ have "r \ p" using leq_transD[of r q p] by auto ultimately have "\r\?subp. r \ q \ (\b\B. r \ \0`1 is 2\ [f_dot, (pred(n))\<^sup>v, b\<^sup>v])" by auto } then show ?thesis unfolding S'_def by simp qed - with \p\P\ \?subp \ M\ \S' \ M\ + with \p\\\ \?subp \ M\ \S' \ M\ obtain g where "g \ \ \\<^bsup>M\<^esup> ?subp" "g`0 = p" "\n \ nat. \g`n,g`succ(n)\\S'`succ(n)" using sequence_DC[simplified] refl_leq[of p] by blast moreover from this and \?subp \ M\ - have "g : \ \ P" "g \ M" - using fun_weaken_type[of g \ ?subp P] function_space_rel_char by auto + have "g : \ \ \" "g \ M" + using fun_weaken_type[of g \ ?subp \] function_space_rel_char by auto ultimately - have "g : \ \<^sub><\\<^bsup>M\<^esup> (P,converse(leq))" + have "g : \ \<^sub><\\<^bsup>M\<^esup> (\,converse(leq))" using decr_succ_decr[of g] leq_preord unfolding S'_def by (auto simp:absolut intro:leI) - moreover from \succ(\)-closed\<^bsup>M\<^esup>(P,leq)\ and this - have "\q\M. q \ P \ (\\\M. \ \ \ \ q \ g ` \)" + moreover from \succ(\)-closed\<^bsup>M\<^esup>(\,leq)\ and this + have "\q\M. q \ \ \ (\\\M. \ \ \ \ q \ g ` \)" using transitivity[simplified, of g] mono_seqspace_rel_closed[of \ _ "converse(leq)"] unfolding kappa_closed_rel_def by auto ultimately - obtain r where "r\P" "r\M" "\n\\. r \ g`n" + obtain r where "r\\" "r\M" "\n\\. r \ g`n" using nat_into_M by auto with \g`0 = p\ have "r \ p" by blast let ?h="{\n,b\ \ \ \ B. r \ \0`1 is 2\ [f_dot, n\<^sup>v, b\<^sup>v]}" have "function(?h)" proof (rule_tac functionI, rule_tac ccontr, auto simp del: app_Cons) fix n b b' assume "n \ \" "b \ b'" "b \ B" "b' \ B" moreover assume "r \ \0`1 is 2\ [f_dot, n\<^sup>v, b\<^sup>v]" "r \ \0`1 is 2\ [f_dot, n\<^sup>v, b'\<^sup>v]" moreover - note \r \ P\ + note \r \ \\ moreover from this have "\ r \ r" by (auto intro!:refl_leq) moreover note \f_dot\M\ \B\M\ ultimately show False using forces_neq_apply_imp_incompatible[of r f_dot "n\<^sup>v" b r b'] transitivity[of _ B] by (auto dest:transitivity) qed moreover have "range(?h) \ B" by auto moreover have "domain(?h) = \" proof - { fix n assume "n \ \" moreover from this have 1:"(\(n)) = pred(n)" using pred_nat_eq by simp moreover from calculation and \\n \ nat. \g`n,g`succ(n)\\S'`succ(n)\ obtain b where "g`(succ(n)) \ \0`1 is 2\ [f_dot, n\<^sup>v, b\<^sup>v]" "b\B" unfolding S'_def by auto moreover from \B\M\ and calculation have "b \ M" "n \ M" by (auto dest:transitivity) moreover - note \g : \ \ P\ \\n\\. r \ g`n\ \r\P\ \f_dot\M\ + note \g : \ \ \\ \\n\\. r \ g`n\ \r\\\ \f_dot\M\ moreover from calculation have "r \ \0`1 is 2\ [f_dot, n\<^sup>v, b\<^sup>v]" using fun_apply_type arity_fun_apply_fm strengthening_lemma[of "g`succ(n)" "\0`1 is 2\" r "[f_dot, n\<^sup>v, b\<^sup>v]"] by (simp add: union_abs2 union_abs1) ultimately have "\b\B. r \ \0`1 is 2\ [f_dot, n\<^sup>v, b\<^sup>v]" by auto } then show ?thesis by force qed moreover have "relation(?h)" unfolding relation_def by simp moreover from \f_dot\M\ \r\M\ \B\M\ have "?h \ M" using separation_closed_forces_apply_aux by simp moreover note \B \ M\ ultimately have "?h: \ \\<^bsup>M\<^esup> B" using function_imp_Pi[THEN fun_weaken_type[of ?h _ "range(?h)" B]] function_space_rel_char by simp moreover - note \p \ \0:1\2\ [f_dot, \\<^sup>v, B\<^sup>v]\ \r \ p\ \r\P\ \p\P\ \f_dot\M\ \B\M\ + note \p \ \0:1\2\ [f_dot, \\<^sup>v, B\<^sup>v]\ \r \ p\ \r\\\ \p\\\ \f_dot\M\ \B\M\ moreover from this have "r \ \0:1\2\ [f_dot, \\<^sup>v, B\<^sup>v]" using strengthening_lemma[of p "\0:1\2\" r "[f_dot, \\<^sup>v, B\<^sup>v]"] typed_function_type arity_typed_function_fm by (auto simp: union_abs2 union_abs1) moreover note \?h\M\ moreover from calculation have "r \ \0 = 1\ [f_dot, ?h\<^sup>v]" proof (intro definition_of_forcing[THEN iffD2] allI impI, simp_all add:union_abs2 union_abs1 del:app_Cons) fix H let ?f="val(H,f_dot)" assume "M_generic(H) \ r \ H" moreover from this interpret g:G_generic1 _ _ _ _ _ H by unfold_locales simp - note \r\P\ \f_dot\M\ \B\M\ + note \r\\\ \f_dot\M\ \B\M\ moreover from calculation have "map(val(H), [f_dot, \\<^sup>v, B\<^sup>v]) \ list(M[H])" "r\H" by simp_all moreover from calculation and \r\H\ and \r \ \0:1\2\ [f_dot, \\<^sup>v, B\<^sup>v]\ have "?f : \ \ B" using g.truth_lemma[of "\0:1\2\" "[f_dot, \\<^sup>v, B\<^sup>v]",THEN iffD1] g.one_in_G one_in_P typed_function_type arity_typed_function_fm val_check by (auto simp: union_abs2 union_abs1) moreover have "?h`n = ?f`n" if "n \ \" for n proof - note \n \ \\ \domain(?h) = \\ moreover from this have "n\domain(?h)" by simp moreover from this obtain b where "r \ \0`1 is 2\ [f_dot, n\<^sup>v, b\<^sup>v]" "b\B" by force moreover note \function(?h)\ moreover from calculation have "b = ?h`n" using function_apply_equality by simp moreover note \B \ M\ moreover from calculation have "?h`n \ M" by (auto dest:transitivity) moreover - note \f_dot \ M\ \r \ P\ \M_generic(H) \ r \ H\ \map(val(H), [f_dot, \\<^sup>v, B\<^sup>v]) \ list(M[H])\ + note \f_dot \ M\ \r \ \\ \M_generic(H) \ r \ H\ \map(val(H), [f_dot, \\<^sup>v, B\<^sup>v]) \ list(M[H])\ moreover from calculation have "[?f, n, ?h`n] \ list(M[H])" using M_subset_MG nat_into_M[of n] g.one_in_G by (auto dest:transitivity) ultimately show ?thesis using definition_of_forcing[of r "\0`1 is 2\" "[f_dot, n\<^sup>v, b\<^sup>v]", THEN iffD1, rule_format, of H]\ \without this line is slower\ val_check g.one_in_G one_in_P nat_into_M by (auto dest:transitivity simp add:fun_apply_type arity_fun_apply_fm union_abs2 union_abs1) qed with calculation and \B\M\ \?h: \ \\<^bsup>M\<^esup> B\ have "?h = ?f" using function_space_rel_char by (rule_tac fun_extension[of ?h \ "\_.B" ?f]) auto ultimately show "?f = val(H, ?h\<^sup>v)" using val_check g.one_in_G one_in_P generic by simp qed ultimately - have "\r\P. \h\\ \\<^bsup>M\<^esup> B. r \ p \ r \ \0 = 1\ [f_dot, h\<^sup>v]" + have "\r\\. \h\\ \\<^bsup>M\<^esup> B. r \ p \ r \ \0 = 1\ [f_dot, h\<^sup>v]" by blast } moreover note \B \ M\ assms moreover from calculation have "f : \ \\<^bsup>M\<^esup> B" using kunen_IV_6_9_function_space_rel_eq function_space_rel_char ext.mem_function_space_rel_abs by auto ultimately show ?thesis by (auto dest:transitivity) qed declare mono_seqspace_rel_closed[rule del] \ \Mysteriously breaks the end of the next proof\ lemma succ_omega_closed_imp_no_new_reals: - assumes "succ(\)-closed\<^bsup>M\<^esup>(P,leq)" + assumes "succ(\)-closed\<^bsup>M\<^esup>(\,leq)" shows "\ \\<^bsup>M\<^esup> 2 = \ \\<^bsup>M[G]\<^esup> 2" proof - from assms have "\ \\<^bsup>M[G]\<^esup> 2 \ \ \\<^bsup>M\<^esup> 2" using succ_omega_closed_imp_no_new_nat_sequences function_space_rel_char ext.function_space_rel_char Aleph_rel_succ Aleph_rel_zero by auto then show ?thesis using function_space_rel_transfer by (intro equalityI) auto qed lemma succ_omega_closed_imp_Aleph_1_preserved: - assumes "succ(\)-closed\<^bsup>M\<^esup>(P,leq)" + assumes "succ(\)-closed\<^bsup>M\<^esup>(\,leq)" shows "\\<^bsub>1\<^esub>\<^bsup>M\<^esup> = \\<^bsub>1\<^esub>\<^bsup>M[G]\<^esup>" proof - have "\\<^bsub>1\<^esub>\<^bsup>M[G]\<^esup> \ \\<^bsub>1\<^esub>\<^bsup>M\<^esup>" proof (rule ccontr) assume "\ \\<^bsub>1\<^esub>\<^bsup>M[G]\<^esup> \ \\<^bsub>1\<^esub>\<^bsup>M\<^esup>" then have "\\<^bsub>1\<^esub>\<^bsup>M\<^esup> < \\<^bsub>1\<^esub>\<^bsup>M[G]\<^esup>" \ \Ridiculously complicated proof\ using Card_rel_is_Ord ext.Card_rel_is_Ord not_le_iff_lt[THEN iffD1] by auto then have "|\\<^bsub>1\<^esub>\<^bsup>M\<^esup>|\<^bsup>M[G]\<^esup> \ \" using ext.Card_rel_lt_csucc_rel_iff ext.Aleph_rel_zero ext.Aleph_rel_succ ext.Card_rel_nat by (auto intro!:ext.lt_csucc_rel_iff[THEN iffD1] intro:Card_rel_Aleph_rel[THEN Card_rel_is_Ord, of 1]) then obtain f where "f \ inj(\\<^bsub>1\<^esub>\<^bsup>M\<^esup>,\)" "f \ M[G]" using ext.countable_rel_iff_cardinal_rel_le_nat[of "\\<^bsub>1\<^esub>\<^bsup>M\<^esup>", THEN iffD2] unfolding countable_rel_def lepoll_rel_def by auto then obtain g where "g \ surj\<^bsup>M[G]\<^esup>(\, \\<^bsub>1\<^esub>\<^bsup>M\<^esup>)" using ext.inj_rel_imp_surj_rel[of f _ \, OF _ zero_lt_Aleph_rel1[THEN ltD]] by auto moreover from this have "g : \ \ \\<^bsub>1\<^esub>\<^bsup>M\<^esup>" "g \ M[G]" using ext.surj_rel_char surj_is_fun by simp_all moreover - note \succ(\)-closed\<^bsup>M\<^esup>(P,leq)\ + note \succ(\)-closed\<^bsup>M\<^esup>(\,leq)\ ultimately have "g \ surj\<^bsup>M\<^esup>(\, \\<^bsub>1\<^esub>\<^bsup>M\<^esup>)" "g \ M" using succ_omega_closed_imp_no_new_nat_sequences mem_surj_abs ext.mem_surj_abs by simp_all then show False using surj_rel_implies_cardinal_rel_le[of g \ "\\<^bsub>1\<^esub>\<^bsup>M\<^esup>"] Card_rel_nat[THEN Card_rel_cardinal_rel_eq] Card_rel_is_Ord not_le_iff_lt[THEN iffD2, OF _ _ nat_lt_Aleph_rel1] by simp qed then show ?thesis using Aleph_rel_le_Aleph_rel by (rule_tac le_anti_sym) simp qed end \ \bundle G\_generic1\_lemmas\ end \ \\<^locale>\G_generic3_AC\\ end \ No newline at end of file diff --git a/thys/Independence_CH/Names.thy b/thys/Independence_CH/Names.thy --- a/thys/Independence_CH/Names.thy +++ b/thys/Independence_CH/Names.thy @@ -1,637 +1,637 @@ section\Names and generic extensions\ theory Names imports Forcing_Data FrecR_Arities ZF_Trans_Interpretations begin definition Hv :: "[i,i,i]\i" where "Hv(G,x,f) \ { z . y\ domain(x), (\p\G. \y,p\ \ x) \ z=f`y}" text\The funcion \<^term>\val\ interprets a name in \<^term>\M\ according to a (generic) filter \<^term>\G\. Note the definition in terms of the well-founded recursor.\ definition val :: "[i,i]\i" where "val(G,\) \ wfrec(edrel(eclose({\})), \ ,Hv(G))" definition GenExt :: "[i,i]\i" ("_[_]" [71,1]) where "M[G] \ {val(G,\). \ \ M}" lemma map_val_in_MG: assumes "env\list(M)" shows "map(val(G),env)\list(M[G])" unfolding GenExt_def using assms map_type2 by simp subsection\Values and check-names\ context forcing_data1 begin lemma name_components_in_M: assumes "\\,p\\\" "\ \ M" shows "\\M" "p\M" using assms transitivity pair_in_M_iff by auto definition Hcheck :: "[i,i] \ i" where "Hcheck(z,f) \ { \f`y,\\ . y \ z}" definition check :: "i \ i" where "check(x) \ transrec(x , Hcheck)" lemma checkD: "check(x) = wfrec(Memrel(eclose({x})), x, Hcheck)" unfolding check_def transrec_def .. lemma Hcheck_trancl:"Hcheck(y, restrict(f,Memrel(eclose({x}))-``{y})) = Hcheck(y, restrict(f,(Memrel(eclose({x}))^+)-``{y}))" unfolding Hcheck_def using restrict_trans_eq by simp lemma check_trancl: "check(x) = wfrec(rcheck(x), x, Hcheck)" using checkD wf_eq_trancl Hcheck_trancl unfolding rcheck_def by simp lemma rcheck_in_M : "x \ M \ rcheck(x) \ M" unfolding rcheck_def by (simp flip: setclass_iff) lemma rcheck_subset_M : "x \ M \ field(rcheck(x)) \ eclose({x})" unfolding rcheck_def using field_Memrel field_trancl by auto lemma aux_def_check: "x \ y \ wfrec(Memrel(eclose({y})), x, Hcheck) = wfrec(Memrel(eclose({x})), x, Hcheck)" by (rule wfrec_eclose_eq,auto simp add: arg_into_eclose eclose_sing) lemma def_check : "check(y) = { \check(w),\\ . w \ y}" proof - let ?r="\y. Memrel(eclose({y}))" have wfr: "\w . wf(?r(w))" using wf_Memrel .. then have "check(y)= Hcheck( y, \x\?r(y) -`` {y}. wfrec(?r(y), x, Hcheck))" using wfrec[of "?r(y)" y "Hcheck"] checkD by simp also have " ... = Hcheck( y, \x\y. wfrec(?r(y), x, Hcheck))" using under_Memrel_eclose arg_into_eclose by simp also have " ... = Hcheck( y, \x\y. check(x))" using aux_def_check checkD by simp finally show ?thesis using Hcheck_def by simp qed lemma def_checkS : fixes n assumes "n \ nat" shows "check(succ(n)) = check(n) \ {\check(n),\\}" proof - have "check(succ(n)) = {\check(i),\\ . i \ succ(n)} " using def_check by blast also have "... = {\check(i),\\ . i \ n} \ {\check(n),\\}" by blast also have "... = check(n) \ {\check(n),\\}" using def_check[of n,symmetric] by simp finally show ?thesis . qed lemma field_Memrel2 : assumes "x \ M" shows "field(Memrel(eclose({x}))) \ M" proof - have "field(Memrel(eclose({x}))) \ eclose({x})" "eclose({x}) \ M" using Ordinal.Memrel_type field_rel_subset assms eclose_least[OF trans_M] by auto then show ?thesis using subset_trans by simp qed lemma aux_def_val: assumes "z \ domain(x)" shows "wfrec(edrel(eclose({x})),z,Hv(G)) = wfrec(edrel(eclose({z})),z,Hv(G))" proof - let ?r="\x . edrel(eclose({x}))" have "z\eclose({z})" using arg_in_eclose_sing . moreover have "relation(?r(x))" using relation_edrel . moreover have "wf(?r(x))" using wf_edrel . moreover from assms have "tr_down(?r(x),z) \ eclose({z})" using tr_edrel_subset by simp ultimately have "wfrec(?r(x),z,Hv(G)) = wfrec[eclose({z})](?r(x),z,Hv(G))" using wfrec_restr by simp also from \z\domain(x)\ have "... = wfrec(?r(z),z,Hv(G))" using restrict_edrel_eq wfrec_restr_eq by simp finally show ?thesis . qed text\The next lemma provides the usual recursive expresion for the definition of \<^term>\val\.\ lemma def_val: "val(G,x) = {z . t\domain(x) , (\p\G . \t,p\\x) \ z=val(G,t)}" proof - let ?r="\\ . edrel(eclose({\}))" let ?f="\z\?r(x)-``{x}. wfrec(?r(x),z,Hv(G))" have "\\. wf(?r(\))" using wf_edrel by simp with wfrec [of _ x] have "val(G,x) = Hv(G,x,?f)" using val_def by simp also have " ... = Hv(G,x,\z\domain(x). wfrec(?r(x),z,Hv(G)))" using dom_under_edrel_eclose by simp also have " ... = Hv(G,x,\z\domain(x). val(G,z))" using aux_def_val val_def by simp finally show ?thesis using Hv_def by simp qed lemma val_mono : "x\y \ val(G,x) \ val(G,y)" by (subst (1 2) def_val, force) text\Check-names are the canonical names for elements of the ground model. Here we show that this is the case.\ -lemma val_check : "\ \ G \ \ \ P \ val(G,check(y)) = y" +lemma val_check : "\ \ G \ \ \ \ \ val(G,check(y)) = y" proof (induct rule:eps_induct) case (1 y) then show ?case proof - have "check(y) = { \check(w), \\ . w \ y}" (is "_ = ?C") using def_check . then have "val(G,check(y)) = val(G, {\check(w), \\ . w \ y})" by simp also have " ... = {z . t\domain(?C) , (\p\G . \t, p\\?C ) \ z=val(G,t) }" using def_val by blast also have " ... = {z . t\domain(?C) , (\w\y. t=check(w)) \ z=val(G,t) }" using 1 by simp also have " ... = {val(G,check(w)) . w\y }" by force finally show "val(G,check(y)) = y" using 1 by simp qed qed lemma val_of_name : - "val(G,{x\A\P. Q(x)}) = {z . t\A , (\p\P . Q(\t,p\) \ p \ G) \ z=val(G,t)}" + "val(G,{x\A\\. Q(x)}) = {z . t\A , (\p\\ . Q(\t,p\) \ p \ G) \ z=val(G,t)}" proof - let - ?n="{x\A\P. Q(x)}" and + ?n="{x\A\\. Q(x)}" and ?r="\\ . edrel(eclose({\}))" let ?f="\z\?r(?n)-``{?n}. val(G,z)" have wfR : "wf(?r(\))" for \ by (simp add: wf_edrel) have "domain(?n) \ A" by auto { fix t - assume H:"t \ domain({x \ A \ P . Q(x)})" + assume H:"t \ domain({x \ A \ \ . Q(x)})" then have "?f ` t = (if t \ ?r(?n)-``{?n} then val(G,t) else 0)" by simp moreover have "... = val(G,t)" using dom_under_edrel_eclose H if_P by auto } then - have Eq1: "t \ domain({x \ A \ P . Q(x)}) \ val(G,t) = ?f` t" for t + have Eq1: "t \ domain({x \ A \ \ . Q(x)}) \ val(G,t) = ?f` t" for t by simp have "val(G,?n) = {z . t\domain(?n), (\p \ G . \t,p\ \ ?n) \ z=val(G,t)}" by (subst def_val,simp) also - have "... = {z . t\domain(?n), (\p\P . \t,p\\?n \ p\G) \ z=?f`t}" + have "... = {z . t\domain(?n), (\p\\ . \t,p\\?n \ p\G) \ z=?f`t}" unfolding Hv_def by (auto simp add:Eq1) also - have "... = {z . t\domain(?n), (\p\P . \t,p\\?n \ p\G) \ z=(if t\?r(?n)-``{?n} then val(G,t) else 0)}" + have "... = {z . t\domain(?n), (\p\\ . \t,p\\?n \ p\G) \ z=(if t\?r(?n)-``{?n} then val(G,t) else 0)}" by (simp) also - have "... = { z . t\domain(?n), (\p\P . \t,p\\?n \ p\G) \ z=val(G,t)}" + have "... = { z . t\domain(?n), (\p\\ . \t,p\\?n \ p\G) \ z=val(G,t)}" proof - have "domain(?n) \ ?r(?n)-``{?n}" using dom_under_edrel_eclose by simp then have "\t\domain(?n). (if t\?r(?n)-``{?n} then val(G,t) else 0) = val(G,t)" by auto then - show "{ z . t\domain(?n), (\p\P . \t,p\\?n \ p\G) \ z=(if t\?r(?n)-``{?n} then val(G,t) else 0)} = - { z . t\domain(?n), (\p\P . \t,p\\?n \ p\G) \ z=val(G,t)}" + show "{ z . t\domain(?n), (\p\\ . \t,p\\?n \ p\G) \ z=(if t\?r(?n)-``{?n} then val(G,t) else 0)} = + { z . t\domain(?n), (\p\\ . \t,p\\?n \ p\G) \ z=val(G,t)}" by auto qed also - have " ... = { z . t\A, (\p\P . \t,p\\?n \ p\G) \ z=val(G,t)}" + have " ... = { z . t\A, (\p\\ . \t,p\\?n \ p\G) \ z=val(G,t)}" by force finally - show " val(G,?n) = { z . t\A, (\p\P . Q(\t,p\) \ p\G) \ z=val(G,t)}" + show " val(G,?n) = { z . t\A, (\p\\ . Q(\t,p\) \ p\G) \ z=val(G,t)}" by auto qed lemma val_of_name_alt : - "val(G,{x\A\P. Q(x)}) = {z . t\A , (\p\P\G . Q(\t,p\)) \ z=val(G,t) }" + "val(G,{x\A\\. Q(x)}) = {z . t\A , (\p\\\G . Q(\t,p\)) \ z=val(G,t) }" using val_of_name by force lemma val_only_names: "val(F,\) = val(F,{x\\. \t\domain(\). \p\F. x=\t,p\})" (is "_ = val(F,?name)") proof - have "val(F,?name) = {z . t\domain(?name), (\p\F. \t, p\ \ ?name) \ z=val(F, t)}" using def_val by blast also have " ... = {val(F, t). t\{y\domain(\). \p\F. \y, p\ \ \ }}" by blast also have " ... = {z . t\domain(\), (\p\F. \t, p\ \ \) \ z=val(F, t)}" by blast also have " ... = val(F, \)" using def_val[symmetric] by blast finally show ?thesis .. qed lemma val_only_pairs: "val(F,\) = val(F,{x\\. \t p. x=\t,p\})" proof have "val(F,\) = val(F,{x\\. \t\domain(\). \p\F. x=\t,p\})" (is "_ = val(F,?name)") using val_only_names . also have "... \ val(F,{x\\. \t p. x=\t,p\})" using val_mono[of ?name "{x\\. \t p. x=\t,p\}"] by auto finally show "val(F,\) \ val(F,{x\\. \t p. x=\t,p\})" by simp next show "val(F,{x\\. \t p. x=\t,p\}) \ val(F,\)" using val_mono[of "{x\\. \t p. x=\t,p\}"] by auto qed lemma val_subset_domain_times_range: "val(F,\) \ val(F,domain(\)\range(\))" using val_only_pairs[THEN equalityD1] val_mono[of "{x \ \ . \t p. x = \t, p\}" "domain(\)\range(\)"] by blast lemma val_of_elem: "\\,p\ \ \ \ p\G \ val(G,\) \ val(G,\)" proof - assume "\\,p\ \ \" then have "\\domain(\)" by auto assume "p\G" with \\\domain(\)\ \\\,p\ \ \\ have "val(G,\) \ {z . t\domain(\) , (\p\G . \t, p\\\) \ z=val(G,t) }" by auto then show ?thesis by (subst def_val) qed lemma elem_of_val: "x\val(G,\) \ \\\domain(\). val(G,\) = x" by (subst (asm) def_val,auto) lemma elem_of_val_pair: "x\val(G,\) \ \\. \p\G. \\,p\\\ \ val(G,\) = x" by (subst (asm) def_val,auto) lemma elem_of_val_pair': assumes "\\M" "x\val(G,\)" shows "\\\M. \p\G. \\,p\\\ \ val(G,\) = x" proof - from assms obtain \ p where "p\G" "\\,p\\\" "val(G,\) = x" using elem_of_val_pair by blast moreover from this \\\M\ have "\\M" using pair_in_M_iff[THEN iffD1, THEN conjunct1, simplified] transitivity by blast ultimately show ?thesis by blast qed lemma GenExtD: "x \ M[G] \ \\\M. x = val(G,\)" by (simp add:GenExt_def) lemma GenExtI: "x \ M \ val(G,x) \ M[G]" by (auto simp add: GenExt_def) lemma Transset_MG : "Transset(M[G])" proof - { fix vc y assume "vc \ M[G]" and "y \ vc" then obtain c where "c\M" "val(G,c)\M[G]" "y \ val(G,c)" using GenExtD by auto from \y \ val(G,c)\ obtain \ where "\\domain(c)" "val(G,\) = y" using elem_of_val by blast with trans_M \c\M\ have "y \ M[G]" using domain_trans GenExtI by blast } then show ?thesis using Transset_def by auto qed lemmas transitivity_MG = Transset_intf[OF Transset_MG] text\This lemma can be proved before having \<^term>\check_in_M\. At some point Miguel naïvely thought that the \<^term>\check_in_M\ could be proved using this argument.\ lemma check_nat_M : assumes "n \ nat" shows "check(n) \ M" using assms proof (induct n) case 0 then show ?case using zero_in_M by (subst def_check,simp) next case (succ x) have "\ \ M" using one_in_P P_sub_M subsetD by simp with \check(x)\M\ have "\check(x),\\ \ M" using pair_in_M_iff by simp then have "{\check(x),\\} \ M" using singleton_closed by simp with \check(x)\M\ have "check(x) \ {\check(x),\\} \ M" using Un_closed by simp then show ?case using \x\nat\ def_checkS by simp qed lemma def_PHcheck: assumes "z\M" "f\M" shows "Hcheck(z,f) = Replace(z,PHcheck(##M,\,f))" proof - from assms have "\f`x,\\ \ M" "f`x\M" if "x\z" for x using pair_in_M_iff transitivity that apply_closed by simp_all then have "{y . x \ z, y = \f ` x, \\} = {y . x \ z, y = \f ` x, \\ \ y\M \ f`x\M}" by simp then show ?thesis using \z\M\ \f\M\ transitivity unfolding Hcheck_def PHcheck_def RepFun_def by auto qed (* instance of replacement for hcheck *) lemma wfrec_Hcheck : assumes "X\M" shows "wfrec_replacement(##M,is_Hcheck(##M,\),rcheck(X))" proof - let ?f="Exists(And(pair_fm(1,0,2), is_wfrec_fm(is_Hcheck_fm(8,2,1,0),4,1,0)))" have "is_Hcheck(##M,\,a,b,c) \ sats(M,is_Hcheck_fm(8,2,1,0),[c,b,a,d,e,y,x,z,\,rcheck(x)])" if "a\M" "b\M" "c\M" "d\M" "e\M" "y\M" "x\M" "z\M" for a b c d e y x z using that \X\M\ rcheck_in_M is_Hcheck_iff_sats zero_in_M by simp then have "sats(M,is_wfrec_fm(is_Hcheck_fm(8,2,1,0),4,1,0), [y,x,z,\,rcheck(X)]) \ is_wfrec(##M, is_Hcheck(##M,\),rcheck(X), x, y)" if "x\M" "y\M" "z\M" for x y z using that sats_is_wfrec_fm \X\M\ rcheck_in_M zero_in_M by simp moreover from this have satsf:"sats(M, ?f, [x,z,\,rcheck(X)]) \ (\y\M. pair(##M,x,y,z) & is_wfrec(##M, is_Hcheck(##M,\),rcheck(X), x, y))" if "x\M" "z\M" for x z using that \X\M\ rcheck_in_M by (simp del:pair_abs) moreover have artyf:"arity(?f) = 4" using arity_wfrec_replacement_fm[where p="is_Hcheck_fm(8, 2, 1, 0)" and i=9] arity_is_Hcheck_fm ord_simp_union by simp ultimately have "strong_replacement(##M,\x z. sats(M,?f,[x,z,\,rcheck(X)]))" using ZF_ground_replacements(2) artyf \X\M\ rcheck_in_M unfolding replacement_assm_def wfrec_Hcheck_fm_def by simp then have "strong_replacement(##M,\x z. \y\M. pair(##M,x,y,z) & is_wfrec(##M, is_Hcheck(##M,\),rcheck(X), x, y))" using repl_sats[of M ?f "[\,rcheck(X)]"] satsf by (simp del:pair_abs) then show ?thesis unfolding wfrec_replacement_def by simp qed lemma Hcheck_closed' : "f\M \ z\M \ {f ` x . x \ z} \ M" using RepFun_closed[OF lam_replacement_imp_strong_replacement] lam_replacement_apply apply_closed transM[of _ z] by simp lemma repl_PHcheck : assumes "f\M" shows "lam_replacement(##M,\x. Hcheck(x,f))" proof - have "Hcheck(x,f) = {f`y . y\x}\{\}" for x unfolding Hcheck_def by auto moreover note assms moreover from this have 1:"lam_replacement(##M, \x . {f`y . y\x}\{\})" using lam_replacement_RepFun_apply lam_replacement_constant lam_replacement_fst lam_replacement_snd singleton_closed cartprod_closed fst_snd_closed Hcheck_closed' by (rule_tac lam_replacement_CartProd[THEN [5] lam_replacement_hcomp2],simp_all) ultimately show ?thesis using singleton_closed cartprod_closed Hcheck_closed' by(rule_tac lam_replacement_cong[OF 1],auto) qed lemma univ_PHcheck : "\ z\M ; f\M \ \ univalent(##M,z,PHcheck(##M,\,f))" unfolding univalent_def PHcheck_def by simp lemma PHcheck_closed : "\z\M ; f\M ; x\z; PHcheck(##M,\,f,x,y) \ \ (##M)(y)" unfolding PHcheck_def by simp lemma relation2_Hcheck : "relation2(##M,is_Hcheck(##M,\),Hcheck)" proof - have "is_Replace(##M,z,PHcheck(##M,\,f),hc) \ hc = Replace(z,PHcheck(##M,\,f))" if "z\M" "f\M" "hc\M" for z f hc using that Replace_abs[OF _ _ univ_PHcheck] PHcheck_closed[of z f] by simp with def_PHcheck show ?thesis unfolding relation2_def is_Hcheck_def Hcheck_def by simp qed lemma Hcheck_closed : "\y\M. \g\M. Hcheck(y,g)\M" proof - have eq:"Hcheck(x,f) = {f`y . y\x}\{\}" for f x unfolding Hcheck_def by auto then have "Hcheck(y,g)\M" if "y\M" "g\M" for y g using eq that Hcheck_closed' cartprod_closed singleton_closed by simp then show ?thesis by auto qed lemma wf_rcheck : "x\M \ wf(rcheck(x))" unfolding rcheck_def using wf_trancl[OF wf_Memrel] . lemma trans_rcheck : "x\M \ trans(rcheck(x))" unfolding rcheck_def using trans_trancl . lemma relation_rcheck : "x\M \ relation(rcheck(x))" unfolding rcheck_def using relation_trancl . lemma check_in_M : "x\M \ check(x) \ M" using wfrec_Hcheck[of x] check_trancl wf_rcheck trans_rcheck relation_rcheck rcheck_in_M Hcheck_closed relation2_Hcheck trans_wfrec_closed[of "rcheck(x)"] by simp (* Internalization and absoluteness of rcheck\ *) lemma rcheck_abs[Rel] : "\ x\M ; r\M \ \ is_rcheck(##M,x,r) \ r = rcheck(x)" unfolding rcheck_def is_rcheck_def using singleton_closed trancl_closed Memrel_closed eclose_closed zero_in_M by simp lemma check_abs[Rel] : assumes "x\M" "z\M" shows "is_check(##M,\,x,z) \ z = check(x)" proof - have "is_check(##M,\,x,z) \ is_wfrec(##M,is_Hcheck(##M,\),rcheck(x),x,z)" unfolding is_check_def using assms rcheck_abs rcheck_in_M zero_in_M unfolding check_trancl is_check_def by simp then show ?thesis unfolding check_trancl using assms wfrec_Hcheck[of x] wf_rcheck trans_rcheck relation_rcheck rcheck_in_M Hcheck_closed relation2_Hcheck trans_wfrec_abs[of "rcheck(x)" x z "is_Hcheck(##M,\)" Hcheck] by (simp flip: setclass_iff) qed lemma check_lam_replacement: "lam_replacement(##M,check)" proof - have "arity(check_fm(2,0,1)) = 3" by (simp add:ord_simp_union arity) then have "Lambda(A, check) \ M" if "A\M" for A using that check_in_M transitivity[of _ A] sats_check_fm check_abs zero_in_M check_fm_type ZF_ground_replacements(3) by(rule_tac Lambda_in_M [of "check_fm(2,0,1)" "[\]"],simp_all) then show ?thesis using check_in_M lam_replacement_iff_lam_closed[THEN iffD2] by simp qed -lemma check_replacement: "{check(x). x\P} \ M" +lemma check_replacement: "{check(x). x\\} \ M" using lam_replacement_imp_strong_replacement_aux[OF check_lam_replacement] transitivity check_in_M RepFun_closed by simp_all lemma M_subset_MG : "\ \ G \ M \ M[G]" using check_in_M GenExtI by (intro subsetI, subst val_check [of G,symmetric], auto) text\The name for the generic filter\ definition G_dot :: "i" where - "G_dot \ {\check(p),p\ . p\P}" + "G_dot \ {\check(p),p\ . p\\}" lemma G_dot_in_M : "G_dot \ M" using lam_replacement_Pair[THEN [5] lam_replacement_hcomp2,OF check_lam_replacement lam_replacement_identity] check_in_M lam_replacement_imp_strong_replacement_aux transitivity check_in_M RepFun_closed pair_in_M_iff unfolding G_dot_def by simp lemma zero_in_MG : "0 \ M[G]" proof - have "0 = val(G,0)" using zero_in_M elem_of_val by auto also have "... \ M[G]" using GenExtI zero_in_M by simp finally show ?thesis . qed declare check_in_M [simp,intro] end \ \\<^locale>\forcing_data1\\ context G_generic1 begin lemma val_G_dot : "val(G,G_dot) = G" proof (intro equalityI subsetI) fix x assume "x\val(G,G_dot)" then obtain \ p where "p\G" "\\,p\ \ G_dot" "val(G,\) = x" "\ = check(p)" unfolding G_dot_def using elem_of_val_pair G_dot_in_M by force then show "x \ G" using G_subset_P one_in_G val_check P_sub_M by auto next fix p assume "p\G" - have "\check(q),q\ \ G_dot" if "q\P" for q + have "\check(q),q\ \ G_dot" if "q\\" for q unfolding G_dot_def using that by simp with \p\G\ have "val(G,check(p)) \ val(G,G_dot)" using val_of_elem G_dot_in_M by blast with \p\G\ show "p \ val(G,G_dot)" using one_in_G G_subset_P P_sub_M val_check by auto qed lemma G_in_Gen_Ext : "G \ M[G]" using G_subset_P one_in_G val_G_dot GenExtI[of _ G] G_dot_in_M by force lemmas generic_simps = val_check[OF one_in_G one_in_P] M_subset_MG[OF one_in_G, THEN subsetD] GenExtI P_in_M lemmas generic_dests = M_genericD M_generic_compatD bundle G_generic1_lemmas = generic_simps[simp] generic_dests[dest] end \ \\<^locale>\G_generic1\\ end \ No newline at end of file diff --git a/thys/Independence_CH/Not_CH.thy b/thys/Independence_CH/Not_CH.thy --- a/thys/Independence_CH/Not_CH.thy +++ b/thys/Independence_CH/Not_CH.thy @@ -1,593 +1,593 @@ section\Model of the negation of the Continuum Hypothesis\ theory Not_CH imports Cardinal_Preservation begin text\We are taking advantage that the poset of finite functions is absolute, and thus we work with the unrelativized \<^term>\Fn\. But it would have been more appropriate to do the following using the relative \<^term>\Fn_rel\. As it turns out, the present theory was developed prior to having \<^term>\Fn\ relativized! We also note that \<^term>\Fn(\,\\\,2)\ is separative, i.e. each \<^term>\X \ Fn(\,\\\,2)\ has two incompatible extensions; therefore we may recover part of our previous theorem @{thm [source] extensions_of_ctms_ZF}. But that result also included the possibility of not having $\AC$ in the ground model, which would not be sensible in a context where the cardinality of the continuum is under discussion. It is also the case that @{thm [source] extensions_of_ctms_ZF} was historically our first formalized result (with a different proof) that showed the forcing machinery had all of its elements in place.\ abbreviation Add_subs :: "i \ i" where "Add_subs(\) \ Fn(\,\\\,2)" abbreviation Add_le :: "i \ i" where "Add_le(\) \ Fnle(\,\ \ \,2)" lemma (in M_aleph) Aleph_rel2_closed[intro,simp]: "M(\\<^bsub>2\<^esub>\<^bsup>M\<^esup>)" using nat_into_Ord by simp locale M_master = M_cohen + M_library + assumes UN_lepoll_assumptions: "M(A) \ M(b) \ M(f) \ M(A') \ separation(M, \y. \x\A'. y = \x, \ i. x\if_range_F_else_F((`)(A), b, f, i)\)" subsection\Non-absolute concepts between extensions\ sublocale M_master \ M_Pi_replacement by unfold_locales locale M_master_sub = M_master + N:M_aleph N for N + assumes M_imp_N: "M(x) \ N(x)" and Ord_iff: "Ord(x) \ M(x) \ N(x)" sublocale M_master_sub \ M_N_Perm using M_imp_N by unfold_locales context M_master_sub begin lemma cardinal_rel_le_cardinal_rel: "M(X) \ |X|\<^bsup>N\<^esup> \ |X|\<^bsup>M\<^esup>" using M_imp_N N.lepoll_rel_cardinal_rel_le[OF lepoll_rel_transfer Card_rel_is_Ord] cardinal_rel_eqpoll_rel[THEN eqpoll_rel_sym, THEN eqpoll_rel_imp_lepoll_rel] by simp lemma Aleph_rel_sub_closed: "Ord(\) \ M(\) \ N(\\<^bsub>\\<^esub>\<^bsup>M\<^esup>)" using Ord_iff[THEN iffD1, OF Card_rel_Aleph_rel[THEN Card_rel_is_Ord]] by simp lemma Card_rel_imp_Card_rel: "Card\<^bsup>N\<^esup>(\) \ M(\) \ Card\<^bsup>M\<^esup>(\)" using N.Card_rel_is_Ord[of \] M_imp_N Ord_cardinal_rel_le[of \] cardinal_rel_le_cardinal_rel[of \] le_anti_sym unfolding Card_rel_def by auto lemma csucc_rel_le_csucc_rel: assumes "Ord(\)" "M(\)" shows "(\\<^sup>+)\<^bsup>M\<^esup> \ (\\<^sup>+)\<^bsup>N\<^esup>" proof - note assms moreover from this have "N(L) \ Card\<^bsup>N\<^esup>(L) \ \ < L \ M(L) \ Card\<^bsup>M\<^esup>(L) \ \ < L" (is "?P(L) \ ?Q(L)") for L using M_imp_N Ord_iff[THEN iffD2, of L] N.Card_rel_is_Ord lt_Ord Card_rel_imp_Card_rel by auto moreover from assms have "N((\\<^sup>+)\<^bsup>N\<^esup>)" "Card\<^bsup>N\<^esup>((\\<^sup>+)\<^bsup>N\<^esup>)" "\ < (\\<^sup>+)\<^bsup>N\<^esup>" using N.lt_csucc_rel[of \] N.Card_rel_csucc_rel[of \] M_imp_N by simp_all ultimately show ?thesis using M_imp_N Least_antitone[of _ ?P ?Q] unfolding csucc_rel_def by blast qed lemma Aleph_rel_le_Aleph_rel: "Ord(\) \ M(\) \ \\<^bsub>\\<^esub>\<^bsup>M\<^esup> \ \\<^bsub>\\<^esub>\<^bsup>N\<^esup>" proof (induct rule:trans_induct3) case 0 then show ?case using Aleph_rel_zero N.Aleph_rel_zero by simp next case (succ x) then have "\\<^bsub>x\<^esub>\<^bsup>M\<^esup> \ \\<^bsub>x\<^esub>\<^bsup>N\<^esup>" "Ord(x)" "M(x)" by simp_all moreover from this have "(\\<^bsub>x\<^esub>\<^bsup>M\<^esup>\<^sup>+)\<^bsup>M\<^esup> \ (\\<^bsub>x\<^esub>\<^bsup>N\<^esup>\<^sup>+)\<^bsup>M\<^esup>" using M_imp_N Ord_iff[THEN iffD2, OF N.Card_rel_is_Ord] by (intro csucc_rel_le_mono) simp_all moreover from calculation have "(\\<^bsub>x\<^esub>\<^bsup>N\<^esup>\<^sup>+)\<^bsup>M\<^esup> \ (\\<^bsub>x\<^esub>\<^bsup>N\<^esup>\<^sup>+)\<^bsup>N\<^esup>" using M_imp_N N.Card_rel_is_Ord Ord_iff[THEN iffD2, OF N.Card_rel_is_Ord] by (intro csucc_rel_le_csucc_rel) auto ultimately show ?case using M_imp_N Aleph_rel_succ N.Aleph_rel_succ csucc_rel_le_csucc_rel le_trans by auto next case (limit x) then show ?case using M_imp_N Aleph_rel_limit N.Aleph_rel_limit by simp (blast dest: transM intro!:le_implies_UN_le_UN) qed end \ \\<^locale>\M_master_sub\\ lemmas (in M_ZF2_trans) sep_instances = separation_ifrangeF_body separation_ifrangeF_body2 separation_ifrangeF_body3 separation_ifrangeF_body4 separation_ifrangeF_body5 separation_ifrangeF_body6 separation_ifrangeF_body7 separation_cardinal_rel_lesspoll_rel separation_is_dcwit_body separation_cdltgamma separation_cdeqgamma lemmas (in M_ZF2_trans) repl_instances = lam_replacement_inj_rel sublocale M_ZFC2_ground_notCH_trans \ M_master "##M" using replacement_trans_apply_image by unfold_locales (simp_all add:repl_instances sep_instances del:setclass_iff add: transrec_replacement_def wfrec_replacement_def) sublocale M_ZFC2_trans \ M_Pi_replacement "##M" by unfold_locales subsection\Cohen forcing is ccc\ context M_ctm2_AC begin lemma ccc_Add_subs_Aleph_2: "ccc\<^bsup>M\<^esup>(Add_subs(\\<^bsub>2\<^esub>\<^bsup>M\<^esup>),Add_le(\\<^bsub>2\<^esub>\<^bsup>M\<^esup>))" proof - interpret M_add_reals "##M" "\\<^bsub>2\<^esub>\<^bsup>M\<^esup> \ \" by unfold_locales blast show ?thesis using ccc_rel_Fn_nat by fast qed end \ \\<^locale>\M_ctm2_AC\\ sublocale G_generic3_AC \ M_master_sub "##M" "##(M[G])" using M_subset_MG[OF one_in_G] generic Ord_MG_iff by unfold_locales auto lemma (in M_trans) mem_F_bound4: fixes F A defines "F \ (`)" shows "x\F(A,c) \ c \ (range(f) \ domain(A))" using apply_0 unfolding F_def by (cases "M(c)", auto simp:F_def) lemma (in M_trans) mem_F_bound5: fixes F A defines "F \ \_ x. A`x " shows "x\F(A,c) \ c \ (range(f) \ domain(A))" using apply_0 unfolding F_def by (cases "M(c)", auto simp:F_def drSR_Y_def dC_F_def) sublocale M_ctm2_AC \ M_replacement_lepoll "##M" "(`)" using UN_lepoll_assumptions lam_replacement_apply lam_replacement_inj_rel mem_F_bound4 apply_0 lam_replacement_minimum unfolding lepoll_assumptions_defs proof (unfold_locales, rule_tac [3] lam_Least_assumption_general[where U=domain, OF _ mem_F_bound4], simp_all) fix A i x assume "A \ M" "x \ M" "x \ A ` i" then show "i \ M" using apply_0[of i A] transM[of _ "domain(A)", simplified] by force qed context G_generic3_AC begin context includes G_generic1_lemmas begin lemma G_in_MG: "G \ M[G]" using G_in_Gen_Ext by blast lemma ccc_preserves_Aleph_succ: - assumes "ccc\<^bsup>M\<^esup>(P,leq)" "Ord(z)" "z \ M" + assumes "ccc\<^bsup>M\<^esup>(\,leq)" "Ord(z)" "z \ M" shows "Card\<^bsup>M[G]\<^esup>(\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>)" proof (rule ccontr) assume "\ Card\<^bsup>M[G]\<^esup>(\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>)" moreover note \z \ M\ \Ord(z)\ moreover from this have "Ord(\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>)" using Card_rel_is_Ord by fastforce ultimately obtain \ f where "\ < \\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>" "f \ surj\<^bsup>M[G]\<^esup>(\, \\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>)" using ext.lt_surj_rel_empty_imp_Card_rel M_subset_MG[OF one_in_G] by force moreover from this and \z\M\ \Ord(z)\ have "\ \ M" "f \ M[G]" using ext.trans_surj_rel_closed by (auto dest:transM ext.transM dest!:ltD) moreover - note \ccc\<^bsup>M\<^esup>(P,leq)\ \z\M\ + note \ccc\<^bsup>M\<^esup>(\,leq)\ \z\M\ ultimately obtain F where "F:\\Pow\<^bsup>M\<^esup>(\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>)" "\\\\. f`\ \ F`\" "\\\\. |F`\|\<^bsup>M\<^esup> \ \" "F \ M" using ccc_fun_approximation_lemma[of \ "\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>" f] ext.mem_surj_abs[of f \ "\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>"] \Ord(z)\ surj_is_fun[of f \ "\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>"] by auto then have "\ \ \ \ |F`\|\<^bsup>M\<^esup> \ \\<^bsub>0\<^esub>\<^bsup>M\<^esup>" for \ using Aleph_rel_zero by simp have "w \ F ` x \ x \ M" for w x proof - fix w x assume "w \ F`x" then have "x \ domain(F)" using apply_0 by auto with \F:\\Pow\<^bsup>M\<^esup>(\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>)\ \\ \ M\ show "x \ M" using domain_of_fun by (auto dest:transM) qed with \\ \ M\ \F:\\Pow\<^bsup>M\<^esup>(\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>)\ \F\M\ interpret M_cardinal_UN_lepoll "##M" "\\. F`\" \ using UN_lepoll_assumptions lepoll_assumptions lam_replacement_apply lam_replacement_inj_rel lam_replacement_minimum proof (unfold_locales, auto dest:transM simp del:if_range_F_else_F_def) fix f b assume "b\M" "f\M" with \F\M\ show "lam_replacement(##M, \x. \ i. x \ if_range_F_else_F((`)(F), b, f, i))" using UN_lepoll_assumptions mem_F_bound5 by (rule_tac lam_Least_assumption_general[where U="domain", OF _ mem_F_bound5]) simp_all qed from \\ < \\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>\ \\ \ M\ \Ord(z)\ \z\M\ have "\ \\<^bsup>M\<^esup> \\<^bsub>z\<^esub>\<^bsup>M\<^esup>" using cardinal_rel_lt_csucc_rel_iff[of "\\<^bsub>z\<^esub>\<^bsup>M\<^esup>" \] le_Card_rel_iff[of "\\<^bsub>z\<^esub>\<^bsup>M\<^esup>" \] Aleph_rel_succ[of z] Card_rel_lt_iff[of \ "\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>"] lt_Ord[of \ "\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>"] Card_rel_csucc_rel[of "\\<^bsub>z\<^esub>\<^bsup>M\<^esup>"] Card_rel_Aleph_rel[THEN Card_rel_is_Ord] by simp with \\ < \\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>\ \\\\\. |F`\|\<^bsup>M\<^esup> \ \\ \\ \ M\ assms have "|\\\\. F`\|\<^bsup>M\<^esup> \ \\<^bsub>z\<^esub>\<^bsup>M\<^esup>" using InfCard_rel_Aleph_rel[of z] Aleph_rel_zero subset_imp_lepoll_rel[THEN lepoll_rel_imp_cardinal_rel_le, of "\\\\. F`\" "\\<^bsub>z\<^esub>\<^bsup>M\<^esup>"] Aleph_rel_succ Aleph_rel_increasing[THEN leI, THEN [2] le_trans, of _ 0 z] Ord_0_lt_iff[THEN iffD1, of z] by (cases "0z\M\ \Ord(z)\ moreover from \\\\\. f`\ \ F`\\ \f \ surj\<^bsup>M[G]\<^esup>(\, \\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>)\ \\ \ M\ \f \ M[G]\ and this have "\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup> \ (\\\\. F`\)" using ext.mem_surj_abs by (force simp add:surj_def) moreover from \F \ M\ \\ \ M\ have "(\x\\. F ` x) \ M" using j.B_replacement by (intro Union_closed[simplified] RepFun_closed[simplified]) (auto dest:transM) ultimately have "\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup> \ \\<^bsub>z\<^esub>\<^bsup>M\<^esup>" using subset_imp_le_cardinal_rel[of "\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>" "\\\\. F`\"] le_trans by auto with assms show "False" using Aleph_rel_increasing not_le_iff_lt[of "\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>" "\\<^bsub>z\<^esub>\<^bsup>M\<^esup>"] Card_rel_Aleph_rel[THEN Card_rel_is_Ord] by auto qed end \ \bundle G\_generic1\_lemmas\ end \ \\<^locale>\G_generic3_AC\\ context M_ctm1 begin abbreviation Add :: "i" where "Add \ Fn(\, \\<^bsub>2\<^esub>\<^bsup>M\<^esup> \ \, 2)" end \ \\<^locale>\M_ctm1\\ locale add_generic3 = G_generic3_AC "Fn(\, \\<^bsub>2\<^esub>\<^bsup>##M\<^esup> \ \, 2)" "Fnle(\, \\<^bsub>2\<^esub>\<^bsup>##M\<^esup> \ \, 2)" 0 sublocale add_generic3 \ cohen_data \ "\\<^bsub>2\<^esub>\<^bsup>M\<^esup> \ \" 2 by unfold_locales auto context add_generic3 begin notation Leq (infixl "\" 50) notation Incompatible (infixl "\" 50) lemma Add_subs_preserves_Aleph_succ: "Ord(z) \ z\M \ Card\<^bsup>M[G]\<^esup>(\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>)" using ccc_preserves_Aleph_succ ccc_Add_subs_Aleph_2 by auto lemma Aleph_rel_nats_MG_eq_Aleph_rel_nats_M: includes G_generic1_lemmas assumes "z \ \" shows "\\<^bsub>z\<^esub>\<^bsup>M[G]\<^esup> = \\<^bsub>z\<^esub>\<^bsup>M\<^esup>" using assms proof (induct) case 0 show ?case by(rule trans[OF ext.Aleph_rel_zero Aleph_rel_zero[symmetric]]) next case (succ z) then have "\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup> \ \\<^bsub>succ(z)\<^esub>\<^bsup>M[G]\<^esup>" using Aleph_rel_le_Aleph_rel nat_into_M by simp moreover from \z \ \\ have "\\<^bsub>z\<^esub>\<^bsup>M\<^esup> \ M[G]" "\\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup> \ M[G]" using nat_into_M by simp_all moreover from this and \\\<^bsub>z\<^esub>\<^bsup>M[G]\<^esup> = \\<^bsub>z\<^esub>\<^bsup>M\<^esup>\ \z \ \\ have "\\<^bsub>succ(z)\<^esub>\<^bsup>M[G]\<^esup> \ \\<^bsub>succ(z)\<^esub>\<^bsup>M\<^esup>" using ext.Aleph_rel_succ nat_into_M Add_subs_preserves_Aleph_succ[THEN ext.csucc_rel_le, of z] Aleph_rel_increasing[of z "succ(z)"] by simp ultimately show ?case using le_anti_sym by blast qed abbreviation f_G :: "i" (\f\<^bsub>G\<^esub>\) where "f\<^bsub>G\<^esub> \ \G" abbreviation dom_dense :: "i \ i" where "dom_dense(x) \ {p \ Add . x \ domain(p) }" declare (in M_ctm2_AC) Fn_nat_closed[simplified setclass_iff, simp, intro] declare (in M_ctm2_AC) Fnle_nat_closed[simp del, rule del, simplified setclass_iff, simp, intro] declare (in M_ctm2_AC) cexp_rel_closed[simplified setclass_iff, simp, intro] declare (in G_generic3_AC) ext.cexp_rel_closed[simplified setclass_iff, simp, intro] lemma dom_dense_closed[intro,simp]: "x \ \\<^bsub>2\<^esub>\<^bsup>M\<^esup> \ \ \ dom_dense(x) \ M" using separation_in_domain[of x] nat_into_M by (rule_tac separation_closed[simplified], blast dest:transM) simp lemma domain_f_G: assumes "x \ \\<^bsub>2\<^esub>\<^bsup>M\<^esup>" "y \ \" shows "\x, y\ \ domain(f\<^bsub>G\<^esub>)" proof - from assms have "Add = Fn\<^bsup>M\<^esup>(\,\\<^bsub>2\<^esub>\<^bsup>M\<^esup>\\,2)" using Fn_nat_abs by auto moreover from this have "Fnle(\,\\<^bsub>2\<^esub>\<^bsup>M\<^esup>\\,2) = Fnle\<^bsup>M\<^esup>(\,\\<^bsub>2\<^esub>\<^bsup>M\<^esup>\\,2)" unfolding Fnle_rel_def Fnle_def by auto moreover from calculation assms have "dense(dom_dense(\x, y\))" using dense_dom_dense[of "\x,y\" "\\<^bsub>2\<^esub>\<^bsup>M\<^esup>\\" \ 2] InfCard_rel_nat unfolding dense_def by auto with assms obtain p where "p\dom_dense(\x, y\)" "p\G" using M_generic_denseD[of "dom_dense(\x, y\)"] by auto then show "\x, y\ \ domain(f\<^bsub>G\<^esub>)" by blast qed lemma f_G_funtype: includes G_generic1_lemmas shows "f\<^bsub>G\<^esub> : \\<^bsub>2\<^esub>\<^bsup>M\<^esup> \ \ \ 2" using generic domain_f_G Pi_iff Un_filter_is_function generic subset_trans[OF filter_subset_notion Fn_nat_subset_Pow] by force lemma inj_dense_closed[intro,simp]: "w \ \\<^bsub>2\<^esub>\<^bsup>M\<^esup> \ x \ \\<^bsub>2\<^esub>\<^bsup>M\<^esup> \ inj_dense(\\<^bsub>2\<^esub>\<^bsup>M\<^esup>,2,w,x) \ M" using transM[OF _ Aleph_rel2_closed] separation_conj separation_bex lam_replacement_product separation_in lam_replacement_fst lam_replacement_snd lam_replacement_constant lam_replacement_hcomp[OF lam_replacement_snd lam_replacement_restrict'] separation_bex separation_conj by simp lemma Aleph_rel2_new_reals: assumes "w \ \\<^bsub>2\<^esub>\<^bsup>M\<^esup>" "x \ \\<^bsub>2\<^esub>\<^bsup>M\<^esup>" "w \ x" shows "(\n\\. f\<^bsub>G\<^esub> ` \w, n\) \ (\n\\. f\<^bsub>G\<^esub> ` \x, n\)" proof - have "0\2" by auto with assms have "dense(inj_dense(\\<^bsub>2\<^esub>\<^bsup>M\<^esup>,2,w,x))" unfolding dense_def using dense_inj_dense by auto with assms obtain p where "p\inj_dense(\\<^bsub>2\<^esub>\<^bsup>M\<^esup>,2,w,x)" "p\G" using M_generic_denseD[of "inj_dense(\\<^bsub>2\<^esub>\<^bsup>M\<^esup>,2,w,x)"] by blast then obtain n where "n \ \" "\\w, n\, 1\ \ p" "\\x, n\, 0\ \ p" by blast moreover from this and \p\G\ have "\\w, n\, 1\ \ f\<^bsub>G\<^esub>" "\\x, n\, 0\ \ f\<^bsub>G\<^esub>" by auto moreover from calculation have "f\<^bsub>G\<^esub> ` \w, n\ = 1" "f\<^bsub>G\<^esub> ` \x, n\ = 0" using f_G_funtype apply_equality by auto ultimately have "(\n\\. f\<^bsub>G\<^esub> ` \w, n\) ` n \ (\n\\. f\<^bsub>G\<^esub> ` \x, n\) ` n" by simp then show ?thesis by fastforce qed definition h_G :: "i" (\h\<^bsub>G\<^esub>\) where "h\<^bsub>G\<^esub> \ \\\\\<^bsub>2\<^esub>\<^bsup>M\<^esup>. \n\\. f\<^bsub>G\<^esub>`\\,n\" lemma h_G_in_MG[simp]: includes G_generic1_lemmas shows "h\<^bsub>G\<^esub> \ M[G]" using ext.curry_closed[unfolded curry_def] G_in_MG unfolding h_G_def by simp lemma h_G_inj_Aleph_rel2_reals: "h\<^bsub>G\<^esub> \ inj\<^bsup>M[G]\<^esup>(\\<^bsub>2\<^esub>\<^bsup>M\<^esup>, \ \\<^bsup>M[G]\<^esup> 2)" using Aleph_rel_sub_closed f_G_funtype G_in_MG Aleph_rel_sub_closed ext.curry_rel_exp[unfolded curry_def] ext.curry_closed[unfolded curry_def] ext.mem_function_space_rel_abs by (intro ext.mem_inj_abs[THEN iffD2],simp_all) (auto simp: inj_def h_G_def dest:Aleph_rel2_new_reals) lemma Aleph2_extension_le_continuum_rel: includes G_generic1_lemmas shows "\\<^bsub>2\<^esub>\<^bsup>M[G]\<^esup> \ 2\<^bsup>\\\<^bsub>0\<^esub>\<^bsup>M[G]\<^esup>,M[G]\<^esup>" proof - have "\\<^bsub>2\<^esub>\<^bsup>M[G]\<^esup> \\<^bsup>M[G]\<^esup> \ \\<^bsup>M[G]\<^esup> 2" using ext.def_lepoll_rel[of "\\<^bsub>2\<^esub>\<^bsup>M\<^esup>" "\ \\<^bsup>M[G]\<^esup> 2"] h_G_inj_Aleph_rel2_reals Aleph_rel_nats_MG_eq_Aleph_rel_nats_M by auto moreover from calculation have "\\<^bsub>2\<^esub>\<^bsup>M[G]\<^esup> \\<^bsup>M[G]\<^esup> |\ \\<^bsup>M[G]\<^esup> 2|\<^bsup>M[G]\<^esup>" using ext.lepoll_rel_imp_lepoll_rel_cardinal_rel by simp ultimately have "|\\<^bsub>2\<^esub>\<^bsup>M[G]\<^esup>|\<^bsup>M[G]\<^esup> \ 2\<^bsup>\\\<^bsub>0\<^esub>\<^bsup>M[G]\<^esup>,M[G]\<^esup>" using ext.lepoll_rel_imp_cardinal_rel_le[of "\\<^bsub>2\<^esub>\<^bsup>M[G]\<^esup>" "\ \\<^bsup>M[G]\<^esup> 2", OF _ _ ext.function_space_rel_closed] ext.Aleph_rel_zero unfolding cexp_rel_def by simp then show "\\<^bsub>2\<^esub>\<^bsup>M[G]\<^esup> \ 2\<^bsup>\\\<^bsub>0\<^esub>\<^bsup>M[G]\<^esup>,M[G]\<^esup>" using ext.Card_rel_Aleph_rel[of 2, THEN ext.Card_rel_cardinal_rel_eq] by simp qed lemma Aleph_rel_lt_continuum_rel: "\\<^bsub>1\<^esub>\<^bsup>M[G]\<^esup> < 2\<^bsup>\\\<^bsub>0\<^esub>\<^bsup>M[G]\<^esup>,M[G]\<^esup>" using Aleph2_extension_le_continuum_rel ext.Aleph_rel_increasing[of 1 2] le_trans by auto corollary not_CH: "\\<^bsub>1\<^esub>\<^bsup>M[G]\<^esup> \ 2\<^bsup>\\\<^bsub>0\<^esub>\<^bsup>M[G]\<^esup>,M[G]\<^esup>" using Aleph_rel_lt_continuum_rel by auto end \ \\<^locale>\add_generic3\\ subsection\Models of fragments of $\ZFC + \neg \CH$\ definition ContHyp :: "o" where "ContHyp \ \\<^bsub>1\<^esub> = 2\<^bsup>\\\<^bsub>0\<^esub>\<^esup>" relativize functional "ContHyp" "ContHyp_rel" notation ContHyp_rel (\CH\<^bsup>_\<^esup>\) relationalize "ContHyp_rel" "is_ContHyp" context M_ZF_library begin is_iff_rel for "ContHyp" using is_cexp_iff is_Aleph_iff[of 0] is_Aleph_iff[of 1] unfolding is_ContHyp_def ContHyp_rel_def by (auto simp del:setclass_iff) (rule rexI[of _ _ M, OF _ nonempty], auto) end \ \\<^locale>\M_ZF_library\\ synthesize "is_ContHyp" from_definition assuming "nonempty" arity_theorem for "is_ContHyp_fm" notation is_ContHyp_fm (\\CH\\) theorem ctm_of_not_CH: assumes "M \ \" "Transset(M)" "M \ ZC \ {\Replacement(p)\ . p \ overhead_notCH}" "\ \ formula" "M \ { \Replacement(ground_repl_fm(\))\ . \ \ \}" shows "\N. M \ N \ N \ \ \ Transset(N) \ N \ ZC \ {\\\CH\\} \ { \Replacement(\)\ . \ \ \} \ (\\. Ord(\) \ (\ \ M \ \ \ N))" proof - from \M \ ZC \ {\Replacement(p)\ . p \ overhead_notCH}\ interpret M_ZFC3 M using M_satT_overhead_imp_M_ZF3 unfolding overhead_notCH_def by force from \M \ ZC \ {\Replacement(p)\ . p \ overhead_notCH}\ \Transset(M)\ interpret M_ZF_ground_notCH_trans M using M_satT_imp_M_ZF_ground_notCH_trans unfolding ZC_def by auto from \M \ \\ obtain enum where "enum \ bij(\,M)" using eqpoll_sym unfolding eqpoll_def by blast then interpret M_ctm3_AC M enum by unfold_locales interpret cohen_data \ "\\<^bsub>2\<^esub>\<^bsup>M\<^esup> \ \" 2 by unfold_locales auto have "Add \ M" "Add_le(\\<^bsub>2\<^esub>\<^bsup>M\<^esup>) \ M" using nat_into_M Aleph_rel_closed M_nat cartprod_closed Fn_nat_closed Fnle_nat_closed by simp_all then interpret forcing_data1 "Add" "Add_le(\\<^bsub>2\<^esub>\<^bsup>M\<^esup>)" 0 M enum by unfold_locales simp_all obtain G where "M_generic(G)" using generic_filter_existence[OF one_in_P] by auto moreover from this interpret add_generic3 M enum G by unfold_locales have "\ (\\<^bsub>1\<^esub>\<^bsup>M[G]\<^esup> = 2\<^bsup>\\\<^bsub>0\<^esub>\<^bsup>M[G]\<^esup>,M[G]\<^esup>)" using not_CH . then have "M[G], [] \ \\\CH\\" using ext.is_ContHyp_iff by (simp add:ContHyp_rel_def) then have "M[G] \ ZC \ {\\\CH\\}" using ext.M_satT_ZC by auto moreover have "Transset(M[G])" using Transset_MG . moreover have "M \ M[G]" using M_subset_MG[OF one_in_G] generic by simp moreover note \M \ { \Replacement(ground_repl_fm(\))\ . \ \ \}\ \\ \ formula\ ultimately show ?thesis using Ord_MG_iff MG_eqpoll_nat satT_ground_repl_fm_imp_satT_ZF_replacement_fm[of \] by (rule_tac x="M[G]" in exI, blast) qed lemma ZF_replacement_overhead_sub_ZFC: "{\Replacement(p)\ . p \ overhead} \ ZFC" using overhead_type unfolding ZFC_def ZF_def ZF_schemes_def by auto lemma ZF_replacement_overhead_notCH_sub_ZFC: "{\Replacement(p)\ . p \ overhead_notCH} \ ZFC" using overhead_notCH_type unfolding ZFC_def ZF_def ZF_schemes_def by auto lemma ZF_replacement_overhead_CH_sub_ZFC: "{\Replacement(p)\ . p \ overhead_CH} \ ZFC" using overhead_CH_type unfolding ZFC_def ZF_def ZF_schemes_def by auto corollary ctm_ZFC_imp_ctm_not_CH: assumes "M \ \" "Transset(M)" "M \ ZFC" shows "\N. M \ N \ N \ \ \ Transset(N) \ N \ ZFC \ {\\\CH\\} \ (\\. Ord(\) \ (\ \ M \ \ \ N))" proof- from assms have "\N. M \ N \ N \ \ \ Transset(N) \ N \ ZC \ N \ {\\\CH\\} \ N \ {\Replacement(x)\ . x \ formula} \ (\\. Ord(\) \ \ \ M \ \ \ N)" using ctm_of_not_CH[of M formula] satT_ZFC_imp_satT_ZC[of M] satT_mono[OF _ ground_repl_fm_sub_ZFC, of M] satT_mono[OF _ ZF_replacement_overhead_notCH_sub_ZFC, of M] satT_mono[OF _ ZF_replacement_fms_sub_ZFC, of M] by (simp add: satT_Un_iff) then obtain N where "N \ ZC" "N \ {\\\CH\\}" "N \ {\Replacement(x)\ . x \ formula}" "M \ N" "N \ \" "Transset(N)" "(\\. Ord(\) \ \ \ M \ \ \ N)" by auto moreover from this have "N \ ZFC" using satT_ZC_ZF_replacement_imp_satT_ZFC by auto moreover from this and \N \ {\\\CH\\}\ have "N \ ZFC \ {\\\CH\\}" by auto ultimately show ?thesis by auto qed end \ No newline at end of file diff --git a/thys/Independence_CH/Powerset_Axiom.thy b/thys/Independence_CH/Powerset_Axiom.thy --- a/thys/Independence_CH/Powerset_Axiom.thy +++ b/thys/Independence_CH/Powerset_Axiom.thy @@ -1,266 +1,266 @@ section\The Powerset Axiom in $M[G]$\ theory Powerset_Axiom imports Separation_Axiom Pairing_Axiom Union_Axiom begin simple_rename "perm_pow" src "[ss,p,l,o,fs,\]" tgt "[fs,ss,sp,p,l,o,\]" lemma Collect_inter_Transset: assumes "Transset(M)" "b \ M" shows "{x\b . P(x)} = {x\b . P(x)} \ M" using assms unfolding Transset_def by (auto) context G_generic1 begin lemma sats_fst_snd_in_M: assumes "A\M" "B\M" "\ \ formula" "p\M" "l\M" "o\M" "\\M" "arity(\) \ 6" shows "{\s,q\\A\B . M, [q,p,l,o,s,\] \ \} \ M" (is "?\ \ M") proof - let ?\' = "ren(\)`6`7`perm_pow_fn" from \A\M\ \B\M\ have "A\B \ M" using cartprod_closed by simp from \arity(\) \ 6\ \\\ formula\ have "?\' \ formula" "arity(?\')\7" unfolding perm_pow_fn_def using perm_pow_thm arity_ren ren_tc Nil_type by auto with \?\' \ formula\ have arty: "arity(Exists(Exists(And(pair_fm(0,1,2),?\'))))\5" (is "arity(?\)\5") using ord_simp_union pred_le by (auto simp:arity) { fix sp note \A\B \ M\ \A\M\ \B\M\ moreover assume "sp \ A\B" moreover from calculation have "fst(sp) \ A" "snd(sp) \ B" using fst_type snd_type by simp_all ultimately have "sp \ M" "fst(sp) \ M" "snd(sp) \ M" using transitivity by simp_all note inM = \A\M\ \B\M\ \p\M\ \l\M\ \o\M\ \\\M\ \sp\M\ \fst(sp)\M\ \snd(sp)\M\ with arty \sp \ M\ \?\' \ formula\ have "(M, [sp,p,l,o,\]@[p] \ ?\) \ M,[sp,p,l,o,\] \ ?\" (is "(M,?env0@ _\_) \ _") using arity_sats_iff[of ?\ "[p]" M ?env0] by auto also from inM \sp \ A\B\ have "... \ sats(M,?\',[fst(sp),snd(sp),sp,p,l,o,\])" by auto also from inM \\ \ formula\ \arity(\) \ 6\ have "... \ M, [snd(sp),p,l,o,fst(sp),\] \ \" (is "sats(_,_,?env1) \ sats(_,_,?env2)") using sats_iff_sats_ren[of \ 6 7 ?env2 M ?env1 perm_pow_fn] perm_pow_thm unfolding perm_pow_fn_def by simp finally have "(M,[sp,p,l,o,\,p] \ ?\) \ M, [snd(sp),p,l,o,fst(sp),\] \ \" by simp } then have "?\ = {sp\A\B . sats(M,?\,[sp,p,l,o,\,p])}" by auto with assms \A\B\M\ show ?thesis using separation_ax separation_iff arty leI \?\' \ formula\ by simp qed declare nat_into_M[rule del, simplified setclass_iff, intro] lemmas ssimps = domain_closed cartprod_closed cons_closed declare ssimps [simp del, simplified setclass_iff, simp, intro] lemma Pow_inter_MG: assumes "a\M[G]" shows "Pow(a) \ M[G] \ M[G]" proof - from assms obtain \ where "\ \ M" "val(G, \) = a" using GenExtD by auto - let ?Q="Pow(domain(\)\P) \ M" + let ?Q="Pow(domain(\)\\) \ M" from \\\M\ - have "domain(\)\P \ M" "domain(\) \ M" + have "domain(\)\\ \ M" "domain(\) \ M" by simp_all then have "?Q \ M" proof - - from power_ax \domain(\)\P \ M\ - obtain Q where "powerset(##M,domain(\)\P,Q)" "Q \ M" + from power_ax \domain(\)\\ \ M\ + obtain Q where "powerset(##M,domain(\)\\,Q)" "Q \ M" unfolding power_ax_def by auto moreover from calculation have "z\Q \ z\M" for z using transitivity by blast ultimately - have "Q = {a\Pow(domain(\)\P) . a\M}" - using \domain(\)\P \ M\ powerset_abs[of "domain(\)\P" Q] + have "Q = {a\Pow(domain(\)\\) . a\M}" + using \domain(\)\\ \ M\ powerset_abs[of "domain(\)\\" Q] by (simp flip: setclass_iff) also have " ... = ?Q" by auto finally show ?thesis using \Q\M\ by simp qed let ?\="?Q\{\}" let ?b="val(G,?\)" from \?Q\M\ have "?\\M" by auto then have "?b \ M[G]" using GenExtI by simp have "Pow(a) \ M[G] \ ?b" proof fix c assume "c \ Pow(a) \ M[G]" then obtain \ where "c\M[G]" "\ \ M" "val(G,\) = c" using GenExt_iff by auto - let ?\="{\\,p\ \domain(\)\P . p \ \0 \ 1\ [\,\] }" + let ?\="{\\,p\ \domain(\)\\ . p \ \0 \ 1\ [\,\] }" have "arity(forces(Member(0,1))) = 6" using arity_forces_at by auto with \domain(\) \ M\ \\ \ M\ have "?\ \ M" using sats_fst_snd_in_M by simp then have "?\ \ ?Q" by auto then have "val(G,?\) \ ?b" using one_in_G generic val_of_elem [of ?\ \ ?\ G] by auto have "val(G,?\) = c" proof(intro equalityI subsetI) fix x assume "x \ val(G,?\)" then obtain \ p where 1: "\\,p\\?\" "p\G" "val(G,\) = x" using elem_of_val_pair by blast moreover from \\\,p\\?\\ \?\ \ M\ have "\\M" using name_components_in_M[of _ _ ?\] by auto moreover from 1 - have "p \ \0 \ 1\ [\,\]" "p\P" + have "p \ \0 \ 1\ [\,\]" "p\\" by simp_all moreover note \val(G,\) = c\ \\ \ M\ ultimately have "M[G], [x, c] \ \0 \ 1\" using generic definition_of_forcing[where \="\0 \ 1\"] ord_simp_union by auto moreover from \\\M\ \\\M\ have "x\M[G]" using \val(G,\) = x\ GenExtI by blast ultimately show "x\c" using \c\M[G]\ by simp next fix x assume "x \ c" with \c \ Pow(a) \ M[G]\ have "x \ a" "c\M[G]" "x\M[G]" using transitivity_MG by auto with \val(G, \) = a\ obtain \ where "\\domain(\)" "val(G,\) = x" using elem_of_val by blast moreover note \x\c\ \val(G,\) = c\ \c\M[G]\ \x\M[G]\ moreover from calculation have "val(G,\) \ val(G,\)" by simp moreover from calculation have "M[G], [x, c] \ \0 \ 1\" by simp moreover have "\\M" proof - from \\\domain(\)\ obtain p where "\\,p\ \ \" by auto with \\\M\ show ?thesis using name_components_in_M by blast qed moreover note \\ \ M\ ultimately obtain p where "p\G" "p \ \0 \ 1\ [\,\]" using generic truth_lemma[of "\0 \ 1\" "[\,\]" ] ord_simp_union by auto moreover from \p\G\ - have "p\P" + have "p\\" using generic by blast ultimately have "\\,p\\?\" using \\\domain(\)\ by simp with \val(G,\) = x\ \p\G\ show "x\val(G,?\)" using val_of_elem [of _ _ "?\" G] by auto qed with \val(G,?\) \ ?b\ show "c\?b" by simp qed then have "Pow(a) \ M[G] = {x\?b . x\a \ x\M[G]}" by auto also from \a\M[G]\ have " ... = {x\?b . ( M[G], [x,a] \ \0 \ 1\ ) \ x\M[G]}" using Transset_MG by force also have " ... = {x\?b . ( M[G], [x,a] \ \0 \ 1\ )} \ M[G]" by auto also from \?b\M[G]\ have " ... = {x\?b . ( M[G], [x,a] \ \0 \ 1\ )}" using Collect_inter_Transset Transset_MG by simp also from \?b\M[G]\ \a\M[G]\ have " ... \ M[G]" using Collect_sats_in_MG GenExtI ord_simp_union by (simp add:arity) finally show ?thesis . qed end \ \\<^locale>\G_generic1\\ sublocale G_generic1 \ ext: M_trivial "##M[G]" using generic Union_MG pairing_in_MG zero_in_MG transitivity_MG unfolding M_trivial_def M_trans_def M_trivial_axioms_def by (simp; blast) context G_generic1 begin theorem power_in_MG : "power_ax(##(M[G]))" unfolding power_ax_def proof (intro rallI, simp only:setclass_iff rex_setclass_is_bex) fix a text\After simplification, we have to show that for every \<^term>\a\M[G]\ there exists some \<^term>\x\M[G]\ satisfying \<^term>\powerset(##M[G],a,x)\\ assume "a \ M[G]" have "{x\Pow(a) . x \ M[G]} = Pow(a) \ M[G]" by auto also from \a\M[G]\ have " ... \ M[G]" using Pow_inter_MG by simp finally have "{x\Pow(a) . x \ M[G]} \ M[G]" . moreover from \a\M[G]\ this have "powerset(##M[G], a, {x\Pow(a) . x \ M[G]})" using ext.powerset_abs by simp ultimately show "\x\M[G] . powerset(##M[G], a, x)" by auto qed end \ \\<^locale>\G_generic1\\ end \ No newline at end of file diff --git a/thys/Independence_CH/Proper_Extension.thy b/thys/Independence_CH/Proper_Extension.thy --- a/thys/Independence_CH/Proper_Extension.thy +++ b/thys/Independence_CH/Proper_Extension.thy @@ -1,84 +1,84 @@ section\Separative notions and proper extensions\ theory Proper_Extension imports Names begin text\The key ingredient to obtain a proper extension is to have a \<^emph>\separative preorder\:\ locale separative_notion = forcing_notion + - assumes separative: "p\P \ \q\P. \r\P. q \ p \ r \ p \ q \ r" + assumes separative: "p\\ \ \q\\. \r\\. q \ p \ r \ p \ q \ r" begin text\For separative preorders, the complement of every filter is dense. Hence an $M$-generic filter cannot belong to the ground model.\ lemma filter_complement_dense: assumes "filter(G)" - shows "dense(P - G)" + shows "dense(\ - G)" proof fix p - assume "p\P" - show "\d\P - G. d \ p" + assume "p\\" + show "\d\\ - G. d \ p" proof (cases "p\G") case True - note \p\P\ assms + note \p\\\ assms moreover - obtain q r where "q \ p" "r \ p" "q \ r" "q\P" "r\P" - using separative[OF \p\P\] + obtain q r where "q \ p" "r \ p" "q \ r" "q\\" "r\\" + using separative[OF \p\\\] by force with \filter(G)\ - obtain s where "s \ p" "s \ G" "s \ P" + obtain s where "s \ p" "s \ G" "s \ \" using filter_imp_compat[of G q r] by auto then show ?thesis by blast next case False - with \p\P\ + with \p\\\ show ?thesis using refl_leq unfolding Diff_def by auto qed qed end \ \\<^locale>\separative_notion\\ locale ctm_separative = forcing_data1 + separative_notion begin context fixes G assumes generic: "M_generic(G)" begin -interpretation G_generic1 P leq \ M enum G +interpretation G_generic1 \ leq \ M enum G by unfold_locales (simp add:generic) lemma generic_not_in_M: shows "G \ M" proof assume "G\M" then - have "P - G \ M" + have "\ - G \ M" using Diff_closed by simp moreover - have "\(\q\G. q \ P - G)" "(P - G) \ P" + have "\(\q\G. q \ \ - G)" "(\ - G) \ \" unfolding Diff_def by auto moreover note generic ultimately show "False" - using filter_complement_dense[of G] M_generic_denseD[of "P-G"] + using filter_complement_dense[of G] M_generic_denseD[of "\-G"] by auto qed theorem proper_extension: "M \ M[G]" using generic G_in_Gen_Ext one_in_G generic_not_in_M by force end end \ \\<^locale>\ctm_separative\\ end \ No newline at end of file diff --git a/thys/Independence_CH/Replacement_Axiom.thy b/thys/Independence_CH/Replacement_Axiom.thy --- a/thys/Independence_CH/Replacement_Axiom.thy +++ b/thys/Independence_CH/Replacement_Axiom.thy @@ -1,306 +1,306 @@ section\The Axiom of Replacement in $M[G]$\ theory Replacement_Axiom imports Separation_Axiom begin context forcing_data1 begin bundle sharp_simps1 = snd_abs[simp] fst_abs[simp] fst_closed[simp del, simplified, simp] snd_closed[simp del, simplified, simp] M_inhabited[simplified, simp] pair_in_M_iff[simp del, simplified, simp] lemma sats_body_ground_repl_fm: includes sharp_simps1 assumes - "\t p. x=\t,p\" "[x,\,m,P,leq,\] @ nenv \list(M)" + "\t p. x=\t,p\" "[x,\,m,\,leq,\] @ nenv \list(M)" "\\formula" shows "(\\\M. \V\M. is_Vset(\a. (##M)(a),\,V) \ \ \ V \ (snd(x) \ \ ([fst(x),\]@nenv))) - \ M, [\, x, m, P, leq, \] @ nenv \ body_ground_repl_fm(\)" + \ M, [\, x, m, \, leq, \] @ nenv \ body_ground_repl_fm(\)" unfolding body_ground_repl_fm_def rename_split_fm_def by ((insert assms,rule iff_sats | simp add:nonempty[simplified])+, insert sats_incr_bv_iff[where bvs="[_,_,_,_,_,_]", simplified],auto del: iffI) end \ \\<^locale>\forcing_data1\\ context G_generic1 begin lemma Replace_sats_in_MG: assumes "c\M[G]" "env \ list(M[G])" "\ \ formula" "arity(\) \ 2 +\<^sub>\ length(env)" "univalent(##M[G], c, \x v. (M[G] , [x,v]@env \ \) )" and ground_replacement: - "\nenv. ground_replacement_assm(M,[P,leq,\] @ nenv, \)" + "\nenv. ground_replacement_assm(M,[\,leq,\] @ nenv, \)" shows "{v. x\c, v\M[G] \ (M[G] , [x,v]@env \ \)} \ M[G]" proof - let ?R = "\ x v . v\M[G] \ (M[G] , [x,v]@env \ \)" from \c\M[G]\ obtain \' where "val(G, \') = c" "\' \ M" using GenExt_def by auto then - have "domain(\')\P\M" (is "?\\M") + have "domain(\')\\\M" (is "?\\M") using cartprod_closed domain_closed by simp from \val(G, \') = c\ have "c \ val(G,?\)" using def_val[of G ?\] elem_of_val[of _ G \'] one_in_G domain_of_prod[OF one_in_P, of "domain(\')"] by (force del:M_genericD) from \env \ _\ obtain nenv where "nenv\list(M)" "env = map(val(G),nenv)" using map_val by auto then have "length(nenv) = length(env)" by simp with \arity(\) \ _\ have "arity(\) \ 2 +\<^sub>\ length(nenv)" by simp define f where "f(\p) \ \ \. \\M \ (\\\M. \ \ Vset(\) \ (snd(\p) \ \ ([fst(\p),\] @ nenv)))" (is "_ \ \ \. ?P(\p,\)") for \p have "f(\p) = (\ \. \\M \ (\\\M. \V\M. is_Vset(##M,\,V) \ \\V \ (snd(\p) \ \ ([fst(\p),\] @ nenv))))" (is "_ = (\ \. \\M \ ?Q(\p,\))") for \p unfolding f_def using Vset_abs Vset_closed Ord_Least_cong[of "?P(\p)" "\ \. \\M \ ?Q(\p,\)"] by (simp, simp del:setclass_iff) moreover note inM = \nenv\list(M)\ \?\\M\ moreover have "f(\p) \ M" "Ord(f(\p))" for \p unfolding f_def using Least_closed'[of "?P(\p)"] by simp_all ultimately have 1:"least(##M,\\. ?Q(\p,\),f(\p))" for \p using least_abs'[of "\\. \\M \ ?Q(\p,\)" "f(\p)"] least_conj by (simp flip: setclass_iff) define QQ where "QQ\?Q" from 1 have "least(##M,\\. QQ(\p,\),f(\p))" for \p unfolding QQ_def . - have body:"(M, [\p,m,P,leq,\] @ nenv \ ground_repl_fm(\)) \ least(##M, QQ(\p), m)" + have body:"(M, [\p,m,\,leq,\] @ nenv \ ground_repl_fm(\)) \ least(##M, QQ(\p), m)" if "\p\M" "\p\?\" "m\M" for \p m proof - note inM that moreover from this assms 1 - have "(M , [\,\p,m,P,leq,\] @ nenv \ body_ground_repl_fm(\)) \ ?Q(\p,\)" if "\\M" for \ + have "(M , [\,\p,m,\,leq,\] @ nenv \ body_ground_repl_fm(\)) \ ?Q(\p,\)" if "\\M" for \ using that sats_body_ground_repl_fm[of \p \ m nenv \] by auto moreover from calculation have body:"\\. \ \ M \ (\\\M. \V\M. is_Vset(\a. a\M, \, V) \ \ \ V \ (snd(\p) \ \ ([fst(\p),\] @ nenv))) \ - M, Cons(\, [\p, m, P, leq, \] @ nenv) \ body_ground_repl_fm(\)" + M, Cons(\, [\p, m, \, leq, \] @ nenv) \ body_ground_repl_fm(\)" by simp ultimately - show "(M , [\p,m,P,leq,\] @ nenv \ ground_repl_fm(\)) \ least(##M, QQ(\p), m)" + show "(M , [\p,m,\,leq,\] @ nenv \ ground_repl_fm(\)) \ least(##M, QQ(\p), m)" using sats_least_fm[OF body,of 1] unfolding QQ_def ground_repl_fm_def by (simp, simp flip: setclass_iff) qed then - have "univalent(##M, ?\, \\p m. M , [\p,m] @ ([P,leq,\] @ nenv) \ ground_repl_fm(\))" + have "univalent(##M, ?\, \\p m. M , [\p,m] @ ([\,leq,\] @ nenv) \ ground_repl_fm(\))" unfolding univalent_def by (auto intro:unique_least) moreover from \length(_) = _\ \env \ _\ - have "length([P,leq,\] @ nenv) = 3 +\<^sub>\ length(env)" by simp + have "length([\,leq,\] @ nenv) = 3 +\<^sub>\ length(env)" by simp moreover from \arity(\) \ 2 +\<^sub>\ length(nenv)\ \length(_) = length(_)\[symmetric] \nenv\_\ \\\_\ have "arity(ground_repl_fm(\)) \ 5 +\<^sub>\ length(env)" using arity_ground_repl_fm[of \] le_trans Un_le by auto moreover from \\\formula\ have "ground_repl_fm(\)\formula" by simp moreover note \length(nenv) = length(env)\ inM ultimately obtain Y where "Y\M" - "\m\M. m \ Y \ (\\p\M. \p \ ?\ \ (M, [\p,m] @ ([P,leq,\] @ nenv) \ ground_repl_fm(\)))" + "\m\M. m \ Y \ (\\p\M. \p \ ?\ \ (M, [\p,m] @ ([\,leq,\] @ nenv) \ ground_repl_fm(\)))" using ground_replacement[of nenv] unfolding strong_replacement_def ground_replacement_assm_def replacement_assm_def by auto with \least(_,QQ(_),f(_))\ \f(_) \ M\ \?\\M\ body have "f(\p)\Y" if "\p\?\" for \p using that transitivity[OF _ \?\\M\] by (clarsimp,rename_tac \ p \p, rule_tac x="\\,p\" in bexI, auto) from \Y\M\ have "\ {y\Y. Ord(y)} \ M" (is "?sup \ M") using separation_Ord separation_closed Union_closed by simp then have "{x\Vset(?sup). x \ M} \ {\} \ M" (is "?big_name \ M") using Vset_closed cartprod_closed singleton_closed by simp then have "val(G,?big_name) \ M[G]" by (blast intro:GenExtI) have "{v. x\c, ?R(x,v)} \ val(G,?big_name)" (is "?repl\?big") proof(intro subsetI) fix v assume "v\?repl" moreover from this obtain x where "x\c" "M[G], [x, v] @ env \ \" "v\M[G]" by auto moreover note \val(G,\')=c\ \\'\M\ moreover from calculation obtain \ p where "\\,p\\\'" "val(G,\) = x" "p\G" "\\M" using elem_of_val_pair' by blast moreover from this \v\M[G]\ obtain \ where "val(G,\) = v" "\\M" using GenExtD by (force del:M_genericD) moreover note \\\_\ \nenv\_\ \env = _\ \arity(\)\ 2 +\<^sub>\ length(env)\ ultimately - obtain q where "q\G" "q \ \ ([\,\]@nenv)" "q\P" + obtain q where "q\G" "q \ \ ([\,\]@nenv)" "q\\" using truth_lemma[OF \\\_\,of "[\,\] @ nenv"] by auto with \\\,p\\\'\ \\\,q\\?\ \ f(\\,q\)\Y\ have "f(\\,q\)\Y" using generic by blast let ?\="succ(rank(\))" note \\\M\ moreover from this have "?\ \ M" "\ \ Vset(?\)" using rank_closed cons_closed Vset_Ord_rank_iff by (simp_all flip: setclass_iff) moreover note \q \ \ ([\,\] @ nenv)\ ultimately have "?P(\\,q\,?\)" by (auto simp del: Vset_rank_iff) moreover have "(\ \. ?P(\\,q\,\)) = f(\\,q\)" unfolding f_def by simp ultimately obtain \ where "\\M" "\ \ Vset(f(\\,q\))" "q \ \ ([\,\] @ nenv)" using LeastI[of "\ \. ?P(\\,q\,\)" ?\] by auto with \q\G\ \\\M\ \nenv\_\ \arity(\)\ 2 +\<^sub>\ length(nenv)\ have "M[G], map(val(G),[\,\] @ nenv) \ \" using truth_lemma[OF \\\_\, of "[\,\] @ nenv"] by auto moreover from \x\c\ \c\M[G]\ have "x\M[G]" using transitivity_MG by simp moreover note \M[G],[x,v] @ env\ \\ \env = map(val(G),nenv)\ \\\M\ \val(G,\)=x\ \univalent(##M[G],_,_)\ \x\c\ \v\M[G]\ ultimately have "v=val(G,\)" using GenExtI[of \ G] unfolding univalent_def by (auto) from \\ \ Vset(f(\\,q\))\ \Ord(f(_))\ \f(\\,q\)\Y\ have "\ \ Vset(?sup)" using Vset_Ord_rank_iff lt_Union_iff[of _ "rank(\)"] by auto with \\\M\ have "val(G,\) \ val(G,?big_name)" using domain_of_prod[of \ "{\}" "{x\Vset(?sup). x \ M}" ] def_val[of G ?big_name] one_in_G one_in_P by (auto simp del: Vset_rank_iff) with \v=val(G,\)\ show "v \ val(G,?big_name)" by simp qed from \?big_name\M\ have "?repl = {v\?big. \x\c. M[G], [x,v] @ env \ \}" (is "_ = ?rhs") proof(intro equalityI subsetI) fix v assume "v\?repl" with \?repl\?big\ obtain x where "x\c" "M[G], [x, v] @ env \ \" "v\?big" using subsetD by auto with \univalent(##M[G],_,_)\ \c\M[G]\ show "v \ ?rhs" unfolding univalent_def using transitivity_MG ReplaceI[of "\ x v. \x\c. M[G], [x, v] @ env \ \"] by blast next fix v assume "v\?rhs" then obtain x where "v\val(G, ?big_name)" "M[G], [x, v] @ env \ \" "x\c" by blast moreover from this \c\M[G]\ have "v\M[G]" "x\M[G]" using transitivity_MG GenExtI[OF \?big_name\_\,of G] by auto moreover from calculation \univalent(##M[G],_,_)\ have "?R(x,y) \ y = v" for y unfolding univalent_def by auto ultimately show "v\?repl" using ReplaceI[of ?R x v c] by blast qed moreover let ?\ = "(\\\\0 \ 2 +\<^sub>\ length(env) \ \ \\\)" from \\\_\ have "?\\formula" "arity(?\) \ 2 +\<^sub>\ length(env)" using pred_mono[OF _ \arity(\)\2+\<^sub>\length(env)\] lt_trans[OF _ le_refl] by (auto simp add:ord_simp_union arity) moreover from \\\_\ \arity(\)\2+\<^sub>\length(env)\ \c\M[G]\ \env\_\ have "(\x\c. M[G], [x,v] @ env \ \) \ M[G], [v] @ env @ [c] \ ?\" if "v\M[G]" for v using that nth_concat transitivity_MG[OF _ \c\M[G]\] arity_sats_iff[of \ "[c]" _ "[_,v]@env"] by auto moreover from this have "{v\?big. \x\c. M[G], [x,v] @ env \ \} = {v\?big. M[G], [v] @ env @ [c] \ ?\}" using transitivity_MG[OF _ GenExtI, OF _ \?big_name\M\] by simp moreover from calculation and \env\_\ \c\_\ \?big\M[G]\ have "{v\?big. M[G] , [v] @ env @ [c] \ ?\} \ M[G]" using Collect_sats_in_MG by auto ultimately show ?thesis by simp qed theorem strong_replacement_in_MG: assumes "\\formula" and "arity(\) \ 2 +\<^sub>\ length(env)" "env \ list(M[G])" and ground_replacement: - "\nenv. ground_replacement_assm(M,[P,leq,\] @ nenv, \)" + "\nenv. ground_replacement_assm(M,[\,leq,\] @ nenv, \)" shows "strong_replacement(##M[G],\x v. M[G],[x,v] @ env \ \)" proof - let ?R="\x y . M[G], [x, y] @ env \ \" { fix A let ?Y="{v . x \ A, v\M[G] \ ?R(x,v)}" assume 1: "(##M[G])(A)" "univalent(##M[G], A, ?R)" with assms have "(##M[G])(?Y)" using Replace_sats_in_MG ground_replacement 1 unfolding ground_replacement_assm_def by auto have "b \ ?Y \ (\x[##M[G]]. x \ A \ ?R(x,b))" if "(##M[G])(b)" for b proof(rule) from \(##M[G])(A)\ show "\x[##M[G]]. x \ A \ ?R(x,b)" if "b \ ?Y" using that transitivity_MG by auto next show "b \ ?Y" if "\x[##M[G]]. x \ A \ ?R(x,b)" proof - from \(##M[G])(b)\ have "b\M[G]" by simp with that obtain x where "(##M[G])(x)" "x\A" "b\M[G] \ ?R(x,b)" by blast moreover from this 1 \(##M[G])(b)\ have "x\M[G]" "z\M[G] \ ?R(x,z) \ b = z" for z unfolding univalent_def by auto ultimately show ?thesis using ReplaceI[of "\ x y. y\M[G] \ ?R(x,y)"] by blast qed qed then have "\b[##M[G]]. b \ ?Y \ (\x[##M[G]]. x \ A \ ?R(x,b))" by simp with \(##M[G])(?Y)\ have " (\Y[##M[G]]. \b[##M[G]]. b \ Y \ (\x[##M[G]]. x \ A \ ?R(x,b)))" by auto } then show ?thesis unfolding strong_replacement_def by simp qed lemma replacement_assm_MG: assumes ground_replacement: - "\nenv. ground_replacement_assm(M,[P,leq,\] @ nenv, \)" + "\nenv. ground_replacement_assm(M,[\,leq,\] @ nenv, \)" shows "replacement_assm(M[G],env,\)" using assms strong_replacement_in_MG unfolding replacement_assm_def by simp end \ \\<^locale>\G_generic1\\ end \ No newline at end of file diff --git a/thys/Independence_CH/Separation_Axiom.thy b/thys/Independence_CH/Separation_Axiom.thy --- a/thys/Independence_CH/Separation_Axiom.thy +++ b/thys/Independence_CH/Separation_Axiom.thy @@ -1,291 +1,291 @@ section\The Axiom of Separation in $M[G]$\ theory Separation_Axiom imports Forcing_Theorems Separation_Rename begin context G_generic1 begin lemma map_val : assumes "env\list(M[G])" shows "\nenv\list(M). env = map(val(G),nenv)" using assms proof(induct env) case Nil have "map(val(G),Nil) = Nil" by simp then show ?case by force next case (Cons a l) then obtain a' l' where "l' \ list(M)" "l=map(val(G),l')" "a = val(G,a')" "Cons(a,l) = map(val(G),Cons(a',l'))" "Cons(a',l') \ list(M)" using GenExtD by force then show ?case by force qed lemma Collect_sats_in_MG : assumes "A\M[G]" "\ \ formula" "env\list(M[G])" "arity(\) \ 1 +\<^sub>\ length(env)" shows "{x \ A . (M[G], [x] @ env \ \)} \ M[G]" proof - from \A\M[G]\ obtain \ where "\ \ M" "val(G, \) = A" using GenExt_def by auto then - have "domain(\)\M" "domain(\) \ P \ M" - using cartprod_closed[of _ P,simplified] + have "domain(\)\M" "domain(\) \ \ \ M" + using cartprod_closed[of _ \,simplified] by (simp_all flip:setclass_iff) let ?\="\\ 0 \ (1 +\<^sub>\ length(env)) \ \ \ \" let ?new_form="sep_ren(length(env),forces(?\))" let ?\="(\\(\\\\\0,1\ is 2 \ \ ?new_form \ \)\)" note phi = \\\formula\ \arity(\) \ 1 +\<^sub>\ length(env)\ then have "?\\formula" "forces(?\) \ formula" "arity(\) \ 2+\<^sub>\ length(env)" using definability le_trans[OF \arity(\)\_\] add_le_mono[of 1 2,OF _ le_refl] by simp_all with \env\_\ phi have "arity(?\) \ 2+\<^sub>\length(env)" using ord_simp_union leI FOL_arities by simp with \env\list(_)\ phi have "arity(forces(?\)) \ 6 +\<^sub>\ length(env)" using arity_forces_le by simp then have "arity(forces(?\)) \ 7 +\<^sub>\ length(env)" using ord_simp_union arity_forces leI by simp with \arity(forces(?\)) \7 +\<^sub>\ _\ \env \ _\ \\ \ formula\ have "arity(?new_form) \ 7 +\<^sub>\ length(env)" "?new_form \ formula" "?\\formula" using arity_rensep[OF definability[of "?\"]] by auto then have "arity(?\) \ 5 +\<^sub>\ length(env)" using ord_simp_union arity_forces pred_mono[OF _ pred_mono[OF _ \arity(?new_form) \ _\]] by (auto simp:arity) from \env \ _\ obtain nenv where "nenv\list(M)" "env = map(val(G),nenv)" "length(nenv) = length(env)" using map_val by auto from phi \nenv\_\ \env\_\ \\\M\ \\\_\ \length(nenv) = length(env)\ have "arity(?\) \ length([\] @ nenv @ [\])" for \ using union_abs2[OF \arity(\) \ 2+\<^sub>\ _\] ord_simp_union FOL_arities by simp - note in_M = \\\M\ \domain(\) \ P \ M\ + note in_M = \\\M\ \domain(\) \ \ \ M\ have Equivalence: " - (M, [u,P,leq,\,\] @ nenv \ ?\) \ - (\\\M. \p\P. u =\\,p\ \ + (M, [u,\,leq,\,\] @ nenv \ ?\) \ + (\\\M. \p\\. u =\\,p\ \ (\F. M_generic(F) \ p \ F \ M[F], map(val(F), [\] @ nenv @[\]) \ ?\))" - if "u \ domain(\) \ P" + if "u \ domain(\) \ \" for u proof - - from \u \ domain(\) \ P\ \domain(\) \ P \ M\ + from \u \ domain(\) \ \\ \domain(\) \ \ \ M\ have "u\M" by (simp add:transitivity) - have "(M, [\,p,u,P,leq,\,\]@nenv \ ?new_form) \ + have "(M, [\,p,u,\,leq,\,\]@nenv \ ?new_form) \ (\F. M_generic(F) \ p \ F \ (M[F], map(val(F), [\] @ nenv@[\]) \ ?\))" - if "\\M" "p\P" + if "\\M" "p\\" for \ p proof - - from \p\P\ + from \p\\\ have "p\M" by (simp add: transitivity) - let ?env="[p,P,leq,\,\] @ nenv @ [\,u]" - let ?new_env=" [\,p,u,P,leq,\,\] @ nenv" - note types = in_M \\ \ M\ \p\M\ \u \ domain(\) \ P\ \u \ M\ \nenv\_\ + let ?env="[p,\,leq,\,\] @ nenv @ [\,u]" + let ?new_env=" [\,p,u,\,leq,\,\] @ nenv" + note types = in_M \\ \ M\ \p\M\ \u \ domain(\) \ \\ \u \ M\ \nenv\_\ then have tyenv:"?env \ list(M)" "?new_env \ list(M)" by simp_all from types - have eq_env:"[p, P, leq, \] @ ([\] @ nenv @ [\,u]) = - ([p, P, leq, \] @ ([\] @ nenv @ [\])) @ [u]" + have eq_env:"[p, \, leq, \] @ ([\] @ nenv @ [\,u]) = + ([p, \, leq, \] @ ([\] @ nenv @ [\])) @ [u]" using app_assoc by simp then - have "(M, [\,p,u,P,leq,\,\] @ nenv \ ?new_form) \ (M, ?new_env \ ?new_form)" + have "(M, [\,p,u,\,leq,\,\] @ nenv \ ?new_form) \ (M, ?new_env \ ?new_form)" by simp from tyenv \length(nenv) = length(env)\ \arity(forces(?\)) \ 7 +\<^sub>\ length(env)\ \forces(?\) \ formula\ have "... \ p \ ?\ ([\] @ nenv @ [\,u])" using sepren_action[of "forces(?\)" "nenv",OF _ _ \nenv\list(M)\] by simp also from types phi \env\_\ \length(nenv) = length(env)\ \arity(forces(?\)) \ 6 +\<^sub>\ length(env)\ have "... \ p \ ?\ ([\] @ nenv @ [\])" by (subst eq_env,rule_tac arity_sats_iff,auto) - also from types phi \p\P\ \arity(forces(?\)) \ 6 +\<^sub>\ length(env)\ \arity(?\) \ length([\] @ nenv @ [\])\ + also from types phi \p\\\ \arity(forces(?\)) \ 6 +\<^sub>\ length(env)\ \arity(?\) \ length([\] @ nenv @ [\])\ have " ... \ (\F . M_generic(F) \ p \ F \ M[F], map(val(F), [\] @ nenv @ [\]) \ ?\)" using definition_of_forcing[where \="\\ 0 \ (1 +\<^sub>\ length(env)) \ \ \ \"] by auto finally show ?thesis by simp qed - with in_M \?new_form \ formula\ \?\\formula\ \nenv \ _\ \u \ domain(\)\P\ + with in_M \?new_form \ formula\ \?\\formula\ \nenv \ _\ \u \ domain(\)\\\ show ?thesis by (auto simp add: transitivity) qed moreover from \env = _\ \\\M\ \nenv\list(M)\ have map_nenv:"map(val(G), nenv @ [\]) = env @ [val(G,\)]" using map_app_distrib append1_eq_iff by auto ultimately - have aux:"(\\\M. \p\P. u =\\,p\ \ (p\G \ M[G], [val(G,\)] @ env @ [val(G,\)] \ ?\))" - (is "(\\\M. \p\P. _ ( _ \ M[G] , ?vals(\) \ _))") - if "u \ domain(\) \ P" "M, [u,P,leq,\,\] @ nenv \ ?\" for u + have aux:"(\\\M. \p\\. u =\\,p\ \ (p\G \ M[G], [val(G,\)] @ env @ [val(G,\)] \ ?\))" + (is "(\\\M. \p\\. _ ( _ \ M[G] , ?vals(\) \ _))") + if "u \ domain(\) \ \" "M, [u,\,leq,\,\] @ nenv \ ?\" for u using Equivalence[THEN iffD1, OF that] generic by force moreover have "[val(G, \)] @ env @ [val(G, \)] \ list(M[G])" if "\\M" for \ using \\\M\ \env \ list(M[G])\ GenExtI that by force ultimately - have "(\\\M. \p\P. u=\\,p\ \ (p\G \ val(G,\)\nth(1 +\<^sub>\ length(env),[val(G, \)] @ env @ [val(G, \)]) + have "(\\\M. \p\\. u=\\,p\ \ (p\G \ val(G,\)\nth(1 +\<^sub>\ length(env),[val(G, \)] @ env @ [val(G, \)]) \ (M[G], ?vals(\) \ \)))" - if "u \ domain(\) \ P" "M, [u,P,leq,\,\] @ nenv \ ?\" for u + if "u \ domain(\) \ \" "M, [u,\,leq,\,\] @ nenv \ ?\" for u using aux[OF that] by simp moreover from \env \ _\ \\\M\ have nth:"nth(1 +\<^sub>\ length(env),[val(G, \)] @ env @ [val(G, \)]) = val(G,\)" if "\\M" for \ using nth_concat[of "val(G,\)" "val(G,\)" "M[G]"] that GenExtI by simp ultimately - have "(\\\M. \p\P. u=\\,p\ \ (p\G \ val(G,\)\val(G,\) \ (M[G],?vals(\) \ \)))" - if "u \ domain(\) \ P" "M, [u,P,leq,\,\] @ nenv \ ?\" for u + have "(\\\M. \p\\. u=\\,p\ \ (p\G \ val(G,\)\val(G,\) \ (M[G],?vals(\) \ \)))" + if "u \ domain(\) \ \" "M, [u,\,leq,\,\] @ nenv \ ?\" for u using that \\\M\ \env \ _\ by simp - with \domain(\)\P\M\ - have "\u\domain(\)\P . (M, [u,P,leq,\,\] @ nenv \ ?\) \ (\\\M. \p\P. u =\\,p\ \ + with \domain(\)\\\M\ + have "\u\domain(\)\\ . (M, [u,\,leq,\,\] @ nenv \ ?\) \ (\\\M. \p\\. u =\\,p\ \ (p \ G \ val(G, \)\val(G, \) \ (M[G],?vals(\) \ \)))" by (simp add:transitivity) then - have "{u\domain(\)\P . (M,[u,P,leq,\,\] @ nenv \ ?\) } \ - {u\domain(\)\P . \\\M. \p\P. u =\\,p\ \ + have "{u\domain(\)\\ . (M,[u,\,leq,\,\] @ nenv \ ?\) } \ + {u\domain(\)\\ . \\\M. \p\\. u =\\,p\ \ (p \ G \ val(G, \)\val(G, \) \ (M[G], ?vals(\) \ \))}" (is "?n\?m") by auto then have first_incl: "val(G,?n) \ val(G,?m)" using val_mono by simp note \val(G,\) = A\ (* from the assumptions *) with \?\\formula\ \arity(?\) \ _\ in_M \nenv \ _\ \env \ _\ \length(nenv) = _\ have "?n\M" using separation_ax leI separation_iff by auto from generic - have "filter(G)" "G\P" + have "filter(G)" "G\\" by auto from \val(G,\) = A\ have "val(G,?m) = - {z . t\domain(\) , (\q\P . - (\\\M. \p\P. \t,q\ = \\, p\ \ + {z . t\domain(\) , (\q\\ . + (\\\M. \p\\. \t,q\ = \\, p\ \ (p \ G \ val(G, \) \ A \ (M[G], [val(G, \)] @ env @ [A] \ \)) \ q \ G)) \ z=val(G,t)}" using val_of_name by auto also - have "... = {z . t\domain(\) , (\q\P. + have "... = {z . t\domain(\) , (\q\\. val(G, t) \ A \ (M[G], [val(G, t)] @ env @ [A] \ \) \ q \ G) \ z=val(G,t)}" using \domain(\)\M\ by (auto simp add:transitivity) also - have "... = {x\A . \q\P. x \ A \ (M[G], [x] @ env @ [A] \ \) \ q \ G}" + have "... = {x\A . \q\\. x \ A \ (M[G], [x] @ env @ [A] \ \) \ q \ G}" proof(intro equalityI, auto) (* Now we show the other inclusion: - {x .. x \ A , \q\P. x \ A \ (M[G], [x, w, c] \ \) \ q \ G} + {x .. x \ A , \q\\. x \ A \ (M[G], [x, w, c] \ \) \ q \ G} \ - {val(G,t)..t\domain(\),\q\P.val(G,t)\ A\(M[G], [val(G,t),w] \ \)\q\G} + {val(G,t)..t\domain(\),\q\\.val(G,t)\ A\(M[G], [val(G,t),w] \ \)\q\G} *) { fix x q - assume "M[G], Cons(x, env @ [A]) \ \" "x\A" "q \ P" "q \ G" + assume "M[G], Cons(x, env @ [A]) \ \" "x\A" "q \ \" "q \ G" from this \val(G,\) = A\ - show "x \ {y . x \ domain(\), val(G, x) \ A \ (M[G], Cons(val(G, x), env @ [A]) \ \) \ (\q\P. q \ G) \ y = val(G, x)}" + show "x \ {y . x \ domain(\), val(G, x) \ A \ (M[G], Cons(val(G, x), env @ [A]) \ \) \ (\q\\. q \ G) \ y = val(G, x)}" using elem_of_val by force } qed also have " ... = {x \ A. (M[G], [x] @ env @ [A] \ \)}" - using \G\P\ G_nonempty by force + using \G\\\ G_nonempty by force finally have val_m: "val(G,?m) = {x \ A. (M[G], [x] @ env @ [A] \ \)}" by simp have "val(G,?m) \ val(G,?n)" proof fix x assume "x \ val(G,?m)" with val_m have "x \ {x \ A. (M[G], [x] @ env @ [A] \ \)}" by simp with \val(G,\) = A\ have "x \ val(G,\)" by simp then obtain \ q where "\\,q\\\" "q\G" "val(G,\)=x" "\\M" using elem_of_val_pair domain_trans[OF trans_M \\\_\] by force with \\\M\ \nenv \ _\ \env = _\ have "[val(G,\), val(G,\)] @ env \ list(M[G])" "[\] @ nenv @ [\]\list(M)" using GenExt_def by auto with \val(G,\)=x\ \val(G,\) = A\ \x \ val(G,\)\ nth \\\M\ \x\ {x \ A . _}\ have "M[G], [val(G,\)] @ env @ [val(G,\)] \ \\ 0 \ (1 +\<^sub>\ length(env)) \ \ \ \" by auto \ \Recall \<^term>\?\ = And(Member(0,1 +\<^sub>\ length(env)),\)\\ with \[_] @ nenv @ [_] \ _ \ map_nenv \arity(?\) \ length(_)\ \length(nenv) = _\ obtain r where "r\G" "r \ ?\ ([\] @ nenv @ [\])" using truth_lemma[OF \?\\_\,of "[\] @ nenv @ [\]"] by auto with \filter(G)\ and \q\G\ obtain p where "p\G" "p\q" "p\r" unfolding filter_def compat_in_def by force - with \r\G\ \q\G\ \G\P\ - have "p\P" "r\P" "q\P" "p\M" + with \r\G\ \q\G\ \G\\\ + have "p\\" "r\\" "q\\" "p\M" using transitivity[OF _ P_in_M] subsetD by simp_all with \\\formula\ \\\M\ \\\M\ \p\r\ \nenv \ _\ \arity(?\) \ length(_)\ \r \ ?\ _\ \env\_\ have "p \ ?\ ([\] @ nenv @ [\])" using strengthening_lemma by simp - with \p\P\ \\\formula\ \\\M\ \\\M\ \nenv \ _\ \arity(?\) \ length(_)\ + with \p\\\ \\\formula\ \\\M\ \\\M\ \nenv \ _\ \arity(?\) \ length(_)\ have "\F. M_generic(F) \ p \ F \ M[F], map(val(F), [\] @ nenv @ [\]) \ ?\" using definition_of_forcing[where \="\\ 0 \ (1 +\<^sub>\ length(env)) \ \ \ \"] by simp - with \p\P\ \\\M\ - have Eq6: "\\'\M. \p'\P. \\,p\ = \\',p'\ \ (\F. M_generic(F) \ p' \ F \ + with \p\\\ \\\M\ + have Eq6: "\\'\M. \p'\\. \\,p\ = \\',p'\ \ (\F. M_generic(F) \ p' \ F \ M[F], map(val(F), [\'] @ nenv @ [\]) \ ?\)" by auto - from \\\M\ \\\,q\\\\ \\\M\ \p\P\ \p\M\ - have "\\,q\ \ M" "\\,p\\M" "\\,p\\domain(\)\P" + from \\\M\ \\\,q\\\\ \\\M\ \p\\\ \p\M\ + have "\\,q\ \ M" "\\,p\\M" "\\,p\\domain(\)\\" using pair_in_M_iff transitivity by auto - with \\\M\ Eq6 \p\P\ - have "M, [\\,p\,P,leq,\,\] @ nenv \ ?\" + with \\\M\ Eq6 \p\\\ + have "M, [\\,p\,\,leq,\,\] @ nenv \ ?\" using Equivalence by auto - with \\\,p\\domain(\)\P\ + with \\\,p\\domain(\)\\\ have "\\,p\\?n" by simp - with \p\G\ \p\P\ + with \p\G\ \p\\\ have "val(G,\)\val(G,?n)" using val_of_elem[of \ p] by simp with \val(G,\)=x\ show "x\val(G,?n)" by simp qed (* proof of "val(G,?m) \ val(G,?n)" *) with val_m first_incl have "val(G,?n) = {x \ A. (M[G], [x] @ env @ [A] \ \)}" by auto also from \A\_\ phi \env \ _\ have " ... = {x \ A. (M[G], [x] @ env \ \)}" using arity_sats_iff[where env="[_]@env"] transitivity_MG by auto finally show "{x \ A. (M[G], [x] @ env \ \)}\ M[G]" using \?n\M\ GenExt_def by force qed theorem separation_in_MG: assumes "\\formula" and "arity(\) \ 1 +\<^sub>\ length(env)" and "env\list(M[G])" shows "separation(##M[G],\x. (M[G], [x] @ env \ \))" proof - { fix A assume "A\M[G]" moreover from \env \ _\ obtain nenv where "nenv\list(M)""env = map(val(G),nenv)" "length(env) = length(nenv)" using GenExt_def map_val[of env] by auto moreover note \\ \ _\ \arity(\) \ _\ \env \ _\ ultimately have "{x \ A . (M[G], [x] @ env \ \)} \ M[G]" using Collect_sats_in_MG by auto } then show ?thesis using separation_iff rev_bexI unfolding is_Collect_def by force qed end \ \\<^locale>\G_generic1\\ end \ No newline at end of file diff --git a/thys/Independence_CH/Union_Axiom.thy b/thys/Independence_CH/Union_Axiom.thy --- a/thys/Independence_CH/Union_Axiom.thy +++ b/thys/Independence_CH/Union_Axiom.thy @@ -1,133 +1,133 @@ section\The Axiom of Unions in $M[G]$\ theory Union_Axiom imports Names begin definition Union_name_body :: "[i,i,i,i] \ o" where "Union_name_body(P,leq,\,x) \ \ \\domain(\) . \q\P . \r\P . \\,q\ \ \ \ \fst(x),r\ \ \ \ \snd(x),r\ \ leq \ \snd(x),q\ \ leq" definition Union_name :: "[i,i,i] \ i" where "Union_name(P,leq,\) \ {u \ domain(\(domain(\))) \ P . Union_name_body(P,leq,\,u)}" context forcing_data1 begin lemma Union_name_closed : assumes "\ \ M" - shows "Union_name(P,leq,\) \ M" + shows "Union_name(\,leq,\) \ M" proof - - let ?Q="Union_name_body(P,leq,\)" + let ?Q="Union_name_body(\,leq,\)" note lr_fst2 = lam_replacement_hcomp[OF lam_replacement_fst lam_replacement_fst] and lr_fst3 = lam_replacement_hcomp[OF lr_fst2] lam_replacement_hcomp[OF lr_fst2 lr_fst2] note \\\M\ moreover from this have "domain(\(domain(\)))\M" (is "?d \ _") using domain_closed Union_closed by simp moreover from this - have "?d \ P \ M" + have "?d \ \ \ M" using cartprod_closed by simp - note types = assms \?d\P \ M\ \?d\M\ + note types = assms \?d\\ \ M\ \?d\M\ ultimately show ?thesis using domain_closed pair_in_M_iff fst_closed snd_closed separation_closed lam_replacement_constant lam_replacement_hcomp lam_replacement_fst lam_replacement_snd lam_replacement_product separation_bex separation_conj separation_in lr_fst2 lr_fst3 lam_replacement_hcomp[OF lr_fst3(1) lam_replacement_snd] unfolding Union_name_body_def Union_name_def by simp qed lemma Union_MG_Eq : assumes "a \ M[G]" and "a = val(G,\)" and "filter(G)" and "\ \ M" - shows "\ a = val(G,Union_name(P,leq,\))" + shows "\ a = val(G,Union_name(\,leq,\))" proof (intro equalityI subsetI) fix x assume "x \ \ a" with \a=_\ have "x \ \ (val(G,\))" by simp then obtain i where "i \ val(G,\)" "x \ i" by blast with \\ \ M\ obtain \ q where "q \ G" "\\,q\ \ \" "val(G,\) = i" "\ \ M" using elem_of_val_pair domain_trans[OF trans_M] by blast moreover from this \x \ i\ obtain \ r where "r \ G" "\\,r\ \ \" "val(G,\) = x" "\ \ M" using elem_of_val_pair domain_trans[OF trans_M] by blast moreover from calculation have "\ \ domain(\(domain(\)))" by auto moreover from calculation \filter(G)\ - obtain p where "p \ G" "\p,r\ \ leq" "\p,q\ \ leq" "p \ P" "r \ P" "q \ P" + obtain p where "p \ G" "\p,r\ \ leq" "\p,q\ \ leq" "p \ \" "r \ \" "q \ \" using low_bound_filter filterD by blast moreover from this have "p \ M" "q\M" "r\M" by (auto dest:transitivity) moreover from calculation - have "\\,p\ \ Union_name(P,leq,\)" + have "\\,p\ \ Union_name(\,leq,\)" unfolding Union_name_def Union_name_body_def by auto - moreover from this \p\P\ \p\G\ - have "val(G,\) \ val(G,Union_name(P,leq,\))" + moreover from this \p\\\ \p\G\ + have "val(G,\) \ val(G,Union_name(\,leq,\))" using val_of_elem by simp ultimately - show "x \ val(G,Union_name(P,leq,\))" + show "x \ val(G,Union_name(\,leq,\))" by simp next fix x - assume "x \ (val(G,Union_name(P,leq,\)))" + assume "x \ (val(G,Union_name(\,leq,\)))" moreover note \filter(G)\ \a=val(G,\)\ moreover from calculation - obtain \ p where "p \ G" "\\,p\ \ Union_name(P,leq,\)" "val(G,\) = x" + obtain \ p where "p \ G" "\\,p\ \ Union_name(\,leq,\)" "val(G,\) = x" using elem_of_val_pair by blast moreover from calculation - have "p\P" + have "p\\" using filterD by simp moreover from calculation - obtain \ q r where "\\,q\ \ \" "\\,r\ \ \" "\p,r\ \ leq" "\p,q\ \ leq" "r\P" "q\P" + obtain \ q r where "\\,q\ \ \" "\\,r\ \ \" "\p,r\ \ leq" "\p,q\ \ leq" "r\\" "q\\" unfolding Union_name_def Union_name_body_def by auto moreover from calculation have "r \ G" "q \ G" using filter_leqD by auto - moreover from this \\\,r\ \ \\ \\\,q\\\\ \q\P\ \r\P\ + moreover from this \\\,r\ \ \\ \\\,q\\\\ \q\\\ \r\\\ have "val(G,\) \ val(G,\)" "val(G,\) \ val(G,\)" using val_of_elem by simp+ ultimately show "x \ \ a" by blast qed lemma union_in_MG : assumes "filter(G)" shows "Union_ax(##M[G])" unfolding Union_ax_def proof(clarsimp) fix a assume "a \ M[G]" moreover note \filter(G)\ moreover from calculation interpret mgtrans : M_trans "##M[G]" using transitivity_MG by (unfold_locales; auto) from calculation obtain \ where "\ \ M" "a=val(G,\)" using GenExtD by blast moreover from this - have "val(G,Union_name(P,leq,\)) \ M[G]" + have "val(G,Union_name(\,leq,\)) \ M[G]" using GenExtI Union_name_closed by simp ultimately show "\z\M[G] . big_union(##M[G],a,z)" using Union_MG_Eq by auto qed theorem Union_MG : "M_generic(G) \ Union_ax(##M[G])" by (auto simp:union_in_MG) end \ \\<^locale>\forcing_data1\\ end \ No newline at end of file diff --git a/thys/Independence_CH/ZF_Trans_Interpretations.thy b/thys/Independence_CH/ZF_Trans_Interpretations.thy --- a/thys/Independence_CH/ZF_Trans_Interpretations.thy +++ b/thys/Independence_CH/ZF_Trans_Interpretations.thy @@ -1,687 +1,677 @@ section\Further instances of axiom-schemes\ theory ZF_Trans_Interpretations imports Internal_ZFC_Axioms Replacement_Instances begin locale M_ZF2 = M_ZF1 + assumes replacement_ax2: "replacement_assm(M,env,replacement_is_order_body_fm)" "replacement_assm(M,env,wfrec_replacement_order_pred_fm)" "replacement_assm(M,env,replacement_HAleph_wfrec_repl_body_fm)" "replacement_assm(M,env,replacement_is_order_eq_map_fm)" definition instances2_fms where "instances2_fms \ { replacement_is_order_body_fm, wfrec_replacement_order_pred_fm, replacement_HAleph_wfrec_repl_body_fm, replacement_is_order_eq_map_fm }" lemmas replacement_instances2_defs = replacement_is_order_body_fm_def wfrec_replacement_order_pred_fm_def replacement_HAleph_wfrec_repl_body_fm_def replacement_is_order_eq_map_fm_def declare (in M_ZF2) replacement_instances2_defs [simp] locale M_ZF2_trans = M_ZF1_trans + M_ZF2 locale M_ZFC2 = M_ZFC1 + M_ZF2 locale M_ZFC2_trans = M_ZFC1_trans + M_ZF2_trans + M_ZFC2 locale M_ZF2_ground_notCH = M_ZF2 + M_ZF_ground_notCH locale M_ZF2_ground_notCH_trans = M_ZF2_trans + M_ZF2_ground_notCH + M_ZF_ground_notCH_trans locale M_ZFC2_ground_notCH = M_ZFC2 + M_ZF2_ground_notCH locale M_ZFC2_ground_notCH_trans = M_ZFC2_trans + M_ZFC2_ground_notCH + M_ZF2_ground_notCH_trans locale M_ZFC2_ground_CH_trans = M_ZFC2_ground_notCH_trans + M_ZF_ground_CH_trans locale M_ctm2 = M_ctm1 + M_ZF2_ground_notCH_trans locale M_ctm2_AC = M_ctm2 + M_ctm1_AC + M_ZFC2_ground_notCH_trans locale M_ctm2_AC_CH = M_ctm2_AC + M_ZFC2_ground_CH_trans lemmas (in M_ZF1_trans) separation_instances = separation_well_ord_iso separation_obase_equals separation_is_obase separation_PiP_rel separation_surjP_rel separation_radd_body separation_rmult_body context M_ZF2_trans begin lemma replacement_HAleph_wfrec_repl_body: "B\M \ strong_replacement(##M, HAleph_wfrec_repl_body(##M,B))" using strong_replacement_rel_in_ctm[where \="HAleph_wfrec_repl_body_fm(2,0,1)" and env="[B]"] zero_in_M arity_HAleph_wfrec_repl_body_fm replacement_ax2(3) ord_simp_union by simp lemma HAleph_wfrec_repl: "(##M)(sa) \ (##M)(esa) \ (##M)(mesa) \ strong_replacement (##M, \x z. \y[##M]. pair(##M, x, y, z) \ (\f[##M]. (\z[##M]. z \ f \ (\xa[##M]. \y[##M]. \xaa[##M]. \sx[##M]. \r_sx[##M]. \f_r_sx[##M]. pair(##M, xa, y, z) \ pair(##M, xa, x, xaa) \ upair(##M, xa, xa, sx) \ pre_image(##M, mesa, sx, r_sx) \ restriction(##M, f, r_sx, f_r_sx) \ xaa \ mesa \ is_HAleph(##M, xa, f_r_sx, y))) \ is_HAleph(##M, x, f, y)))" using replacement_HAleph_wfrec_repl_body unfolding HAleph_wfrec_repl_body_def by simp lemma replacement_is_order_eq_map: "A\M \ r\M \ strong_replacement(##M, order_eq_map(##M,A,r))" using strong_replacement_rel_in_ctm[where \="order_eq_map_fm(2,3,0,1)" and env="[A,r]" and f="order_eq_map(##M,A,r)"] order_eq_map_iff_sats[where env="[_,_,A,r]"] zero_in_M fst_snd_closed pair_in_M_iff arity_order_eq_map_fm ord_simp_union replacement_ax2(4) by simp end \ \\<^locale>\M_ZF2_trans\\ definition omap_wfrec_body where "omap_wfrec_body(A,r) \ (\\\image_fm(2, 0, 1) \ pred_set_fm(A #+ 9, 3, r #+ 9, 0) \\)" lemma type_omap_wfrec_body_fm :"A\nat \ r\nat \ omap_wfrec_body(A,r)\formula" unfolding omap_wfrec_body_def by simp lemma arity_aux : "A\nat \ r\nat \ arity(omap_wfrec_body(A,r)) = (9+\<^sub>\A) \ (9+\<^sub>\r)" unfolding omap_wfrec_body_def using arity_image_fm arity_pred_set_fm pred_Un_distrib union_abs2[of 3] union_abs1 by (simp add:FOL_arities, auto simp add:Un_assoc[symmetric] union_abs1) lemma arity_omap_wfrec: "A\nat \ r\nat \ arity(is_wfrec_fm(omap_wfrec_body(A,r),succ(succ(succ(r))), 1, 0)) = (4+\<^sub>\A) \ (4+\<^sub>\r)" using Arities.arity_is_wfrec_fm[OF _ _ _ _ _ arity_aux,of A r "3+\<^sub>\r" 1 0] pred_Un_distrib union_abs1 union_abs2 type_omap_wfrec_body_fm by auto lemma arity_isordermap: "A\nat \ r\nat \d\nat\ arity(is_ordermap_fm(A,r,d)) = succ(d) \ (succ(A) \ succ(r))" unfolding is_ordermap_fm_def using arity_lambda_fm[where i="(4+\<^sub>\A) \ (4+\<^sub>\r)",OF _ _ _ _ arity_omap_wfrec, unfolded omap_wfrec_body_def] pred_Un_distrib union_abs1 by auto lemma arity_is_ordertype: "A\nat \ r\nat \d\nat\ arity(is_ordertype_fm(A,r,d)) = succ(d) \ (succ(A) \ succ(r))" unfolding is_ordertype_fm_def using arity_isordermap arity_image_fm pred_Un_distrib FOL_arities by auto lemma arity_is_order_body: "arity(is_order_body_fm(1,0)) = 2" using arity_is_order_body_fm arity_is_ordertype ord_simp_union by (simp add:FOL_arities) lemma (in M_ZF2_trans) replacement_is_order_body: "strong_replacement(##M, \x z . \y[##M]. is_order_body(##M,x,y) \ z = \x,y\)" apply(rule_tac strong_replacement_cong[ where P="\ x f. M,[x,f] \ (\\ \is_order_body_fm(1,0) \ pair_fm(1,0,2) \\)",THEN iffD1]) apply(simp add: is_order_body_iff_sats[where env="[_,_]",symmetric]) apply(simp_all add:zero_in_M ) apply(rule_tac replacement_ax2(1)[unfolded replacement_assm_def, rule_format, where env="[]",simplified]) apply(simp_all add:arity_is_order_body arity pred_Un_distrib ord_simp_union) done definition H_order_pred where "H_order_pred(A,r) \ \x f . f `` Order.pred(A, x, r)" relationalize "H_order_pred" "is_H_order_pred" lemma (in M_basic) H_order_pred_abs : "M(A) \ M(r) \ M(x) \ M(f) \ M(z) \ is_H_order_pred(M,A,r,x,f,z) \ z = H_order_pred(A,r,x,f)" unfolding is_H_order_pred_def H_order_pred_def by simp synthesize "is_H_order_pred" from_definition assuming "nonempty" lemma (in M_ZF2_trans) wfrec_replacement_order_pred: "A\M \ r\M \ wfrec_replacement(##M, \x g z. is_H_order_pred(##M,A,r,x,g,z) , r)" unfolding wfrec_replacement_def is_wfrec_def M_is_recfun_def is_H_order_pred_def apply(rule_tac strong_replacement_cong[ where P="\ x f. M,[x,f,r,A] \ order_pred_wfrec_body_fm(3,2,1,0)",THEN iffD1]) apply(subst order_pred_wfrec_body_def[symmetric]) apply(rule_tac order_pred_wfrec_body_iff_sats[where env="[_,_,r,A]",symmetric]) apply(simp_all add:zero_in_M) apply(rule_tac replacement_ax2(2)[unfolded replacement_assm_def, rule_format, where env="[r,A]",simplified]) apply(simp_all add: arity_order_pred_wfrec_body_fm ord_simp_union) done lemma (in M_ZF2_trans) wfrec_replacement_order_pred': "A\M \ r\M \ wfrec_replacement(##M, \x g z. z = H_order_pred(A,r,x,g) , r)" using wfrec_replacement_cong[OF H_order_pred_abs[of A r,rule_format] refl,THEN iffD1, OF _ _ _ _ _ wfrec_replacement_order_pred[of A r]] by simp sublocale M_ZF2_trans \ M_pre_cardinal_arith "##M" using separation_instances wfrec_replacement_order_pred'[unfolded H_order_pred_def] replacement_is_order_eq_map[unfolded order_eq_map_def] by unfold_locales simp_all definition is_well_ord_fst_snd where "is_well_ord_fst_snd(A,x) \ (\a[A]. \b[A]. is_well_ord(A,a,b) \ is_snd(A, x, b) \ is_fst(A, x, a))" synthesize "is_well_ord_fst_snd" from_definition assuming "nonempty" arity_theorem for "is_well_ord_fst_snd_fm" lemma (in M_ZF2_trans) separation_well_ord: "separation(##M, \x. is_well_ord(##M,fst(x), snd(x)))" using arity_is_well_ord_fst_snd_fm is_well_ord_iff_sats[symmetric] nonempty fst_closed snd_closed fst_abs snd_abs separation_in_ctm[where env="[]" and \="is_well_ord_fst_snd_fm(0)"] by(simp_all add: is_well_ord_fst_snd_def) sublocale M_ZF2_trans \ M_pre_aleph "##M" using HAleph_wfrec_repl replacement_is_order_body separation_well_ord separation_Pow_rel by unfold_locales (simp_all add: transrec_replacement_def wfrec_replacement_def is_wfrec_def M_is_recfun_def flip:setclass_iff) arity_theorem intermediate for "is_HAleph_fm" lemma arity_is_HAleph_fm: "arity(is_HAleph_fm(2, 1, 0)) = 3" using arity_fun_apply_fm[of "11" 0 1,simplified] arity_is_HAleph_fm' arity_ordinal_fm arity_is_If_fm arity_empty_fm arity_is_Limit_fm arity_is_If_fm arity_is_Limit_fm arity_empty_fm arity_Replace_fm[where i="12" and v=10 and n=3] pred_Un_distrib ord_simp_union by (simp add:FOL_arities) lemma arity_is_Aleph[arity]: "arity(is_Aleph_fm(0, 1)) = 2" unfolding is_Aleph_fm_def using arity_transrec_fm[OF _ _ _ _ arity_is_HAleph_fm] ord_simp_union by simp definition bex_Aleph_rel :: "[i\o,i,i] \ o" where "bex_Aleph_rel(M,x) \ \y. \z\x. y = \\<^bsub>z\<^esub>\<^bsup>M\<^esup>" relationalize "bex_Aleph_rel" "is_bex_Aleph" schematic_goal sats_is_bex_Aleph_fm_auto: "a \ nat \ c \ nat \ env \ list(A) \ a < length(env) \ c < length(env) \ 0 \ A \ is_bex_Aleph(##A, nth(a, env), nth(c, env)) \ A, env \ ?fm(a, c)" unfolding is_bex_Aleph_def by (rule iff_sats | simp)+ synthesize_notc "is_bex_Aleph" from_schematic lemma is_bex_Aleph_fm_type [TC]: "x \ \ \ z \ \ \ is_bex_Aleph_fm(x, z) \ formula" unfolding is_bex_Aleph_fm_def by simp lemma sats_is_bex_Aleph_fm: "x \ \ \ z \ \ \ x < length(env) \ z < length(env) \ env \ list(Aa) \ 0 \ Aa \ (Aa, env \ is_bex_Aleph_fm(x, z)) \ is_bex_Aleph(##Aa,nth(x, env), nth(z, env))" using sats_is_bex_Aleph_fm_auto unfolding is_bex_Aleph_def is_bex_Aleph_fm_def by simp lemma is_bex_Aleph_iff_sats [iff_sats]: "nth(x, env) = xa \ nth(z, env) = za \ x \ \ \ z \ \ \ x < length(env) \ z < length(env) \ env \ list(Aa) \ 0 \ Aa \ is_bex_Aleph(##Aa, xa, za) \ Aa, env \ is_bex_Aleph_fm(x, z)" using sats_is_bex_Aleph_fm by simp arity_theorem for "is_bex_Aleph_fm" lemma (in M_ZF1_trans) separation_is_bex_Aleph: assumes "(##M)(A)" shows "separation(##M,is_bex_Aleph(##M, A))" using assms separation_in_ctm[where env="[A]" and \="is_bex_Aleph_fm(1,0)", OF _ _ _ is_bex_Aleph_iff_sats[symmetric], of "\_.A"] nonempty arity_is_bex_Aleph_fm is_bex_Aleph_fm_type by (simp add:ord_simp_union) lemma (in M_pre_aleph) bex_Aleph_rel_abs: assumes "Ord(u)" "M(u)" "M(v)" shows "is_bex_Aleph(M, u, v) \ bex_Aleph_rel(M,u,v)" unfolding is_bex_Aleph_def bex_Aleph_rel_def using assms is_Aleph_iff transM[of _ u] Ord_in_Ord by simp lemma (in M_ZF2_trans) separation_bex_Aleph_rel: "Ord(x) \ (##M)(x) \ separation(##M, bex_Aleph_rel(##M,x))" using separation_is_bex_Aleph bex_Aleph_rel_abs separation_cong[where P="is_bex_Aleph(##M,x)" and M="##M",THEN iffD1] unfolding bex_Aleph_rel_def by simp sublocale M_ZF2_trans \ M_aleph "##M" using separation_bex_Aleph_rel[unfolded bex_Aleph_rel_def] by unfold_locales sublocale M_ZF1_trans \ M_FiniteFun "##M" using separation_is_function separation_omfunspace by unfold_locales simp sublocale M_ZFC2_trans \ M_cardinal_AC "##M" using lam_replacement_minimum by unfold_locales simp (* TopLevel *) lemma (in M_ZF1_trans) separation_cardinal_rel_lesspoll_rel: "(##M)(\) \ separation(##M, \x. x \\<^bsup>M\<^esup> \)" using separation_in_ctm[where \="( \0 \ 1\ )" and env="[\]"] is_lesspoll_iff nonempty arity_is_cardinal_fm arity_is_lesspoll_fm arity_is_bij_fm ord_simp_union by (simp add:FOL_arities) sublocale M_ZFC2_trans \ M_library "##M" using separation_cardinal_rel_lesspoll_rel lam_replacement_minimum by unfold_locales simp_all locale M_ZF3 = M_ZF2 + assumes ground_replacements3: "ground_replacement_assm(M,env,replacement_is_order_body_fm)" "ground_replacement_assm(M,env,wfrec_replacement_order_pred_fm)" - "ground_replacement_assm(M,env,list_repl1_intf_fm)" - "ground_replacement_assm(M,env,list_repl2_intf_fm)" - "ground_replacement_assm(M,env,formula_repl2_intf_fm)" "ground_replacement_assm(M,env,eclose_repl2_intf_fm)" "ground_replacement_assm(M,env,wfrec_rank_fm)" "ground_replacement_assm(M,env,trans_repl_HVFrom_fm)" - "ground_replacement_assm(M,env,tl_repl_intf_fm)" - "ground_replacement_assm(M,env,formula_repl1_intf_fm)" "ground_replacement_assm(M,env,eclose_repl1_intf_fm)" "ground_replacement_assm(M,env,replacement_HAleph_wfrec_repl_body_fm)" "ground_replacement_assm(M,env,replacement_is_order_eq_map_fm)" definition instances3_fms where "instances3_fms \ { ground_repl_fm(replacement_is_order_body_fm), ground_repl_fm(wfrec_replacement_order_pred_fm), - ground_repl_fm(list_repl1_intf_fm), - ground_repl_fm(list_repl2_intf_fm), - ground_repl_fm(formula_repl2_intf_fm), ground_repl_fm(eclose_repl2_intf_fm), ground_repl_fm(wfrec_rank_fm), ground_repl_fm(trans_repl_HVFrom_fm), - ground_repl_fm(tl_repl_intf_fm), - ground_repl_fm(formula_repl1_intf_fm), ground_repl_fm(eclose_repl1_intf_fm), ground_repl_fm(replacement_HAleph_wfrec_repl_body_fm), ground_repl_fm(replacement_is_order_eq_map_fm) }" -text\This set has $13$ internalized formulas, corresponding to the total +text\This set has $8$ internalized formulas, corresponding to the total count of previous replacement instances (apart from those $5$ in \<^term>\instances_ground_fms\ and \<^term>\instances_ground_notCH_fms\, and \<^term>\replacement_dcwit_repl_body_fm\).\ definition overhead where "overhead \ instances1_fms \ instances_ground_fms" definition overhead_notCH where "overhead_notCH \ overhead \ instances2_fms \ instances3_fms \ instances_ground_notCH_fms" definition overhead_CH where "overhead_CH \ overhead_notCH \ { replacement_dcwit_repl_body_fm }" text\Hence, the “overhead” to create a proper extension of a ctm by forcing -consists of $16$ replacement instances. To force $\neg\CH$, -31 instances are need, and one further instance is required to +consists of $7$ replacement instances. To force $\neg\CH$, +21 instances are need, and one further instance is required to force $\CH$.\ lemma instances2_fms_type[TC] : "instances2_fms \ formula" unfolding instances2_fms_def replacement_instances2_defs by (auto simp del: Lambda_in_M_fm_def) lemma overhead_type: "overhead \ formula" using instances1_fms_type instances_ground_fms_type unfolding overhead_def replacement_instances1_defs by simp lemma overhead_notCH_type: "overhead_notCH \ formula" using overhead_type unfolding overhead_notCH_def replacement_transrec_apply_image_body_fm_def replacement_is_trans_apply_image_fm_def instances_ground_notCH_fms_def instances2_fms_def instances3_fms_def by (auto simp: replacement_instances1_defs replacement_instances2_defs simp del: Lambda_in_M_fm_def) lemma overhead_CH_type: "overhead_CH \ formula" using overhead_notCH_type unfolding overhead_CH_def replacement_dcwit_repl_body_fm_def by auto locale M_ZF3_trans = M_ZF2_trans + M_ZF3 locale M_ZFC3 = M_ZFC2 + M_ZF3 locale M_ZFC3_trans = M_ZFC2_trans + M_ZF3_trans + M_ZFC3 locale M_ctm3 = M_ctm2 + M_ZF3_trans locale M_ctm3_AC = M_ctm3 + M_ctm1_AC + M_ZFC3_trans lemma M_satT_imp_M_ZF2: "(M \ ZF) \ M_ZF1(M)" proof - assume "M \ ZF" then have fin: "upair_ax(##M)" "Union_ax(##M)" "power_ax(##M)" "extensionality(##M)" "foundation_ax(##M)" "infinity_ax(##M)" unfolding ZF_def ZF_fin_def ZFC_fm_defs satT_def using ZFC_fm_sats[of M] by simp_all { fix \ env assume "\ \ formula" "env\list(M)" moreover from \M \ ZF\ have "\p\formula. (M, [] \ (ZF_separation_fm(p)))" "\p\formula. (M, [] \ (ZF_replacement_fm(p)))" unfolding ZF_def ZF_schemes_def by auto moreover from calculation have "arity(\) \ succ(length(env)) \ separation(##M, \x. (M, Cons(x, env) \ \))" "arity(\) \ succ(succ(length(env))) \ strong_replacement(##M,\x y. sats(M,\,Cons(x,Cons(y, env))))" using sats_ZF_separation_fm_iff sats_ZF_replacement_fm_iff unfolding replacement_assm_def by simp_all } with fin show "M_ZF1(M)" by unfold_locales (simp_all add:replacement_assm_def ground_replacement_assm_def) qed lemma M_satT_imp_M_ZFC1: shows "(M \ ZFC) \ M_ZFC1(M)" proof - have "(M \ ZF) \ choice_ax(##M) \ M_ZFC1(M)" using M_satT_imp_M_ZF2[of M] unfolding M_ZFC1_def M_ZC_basic_def M_ZF1_def M_AC_def by auto then show ?thesis unfolding ZFC_def by auto qed lemma M_satT_instances1_imp_M_ZF1: assumes "(M \ \Z\ \ {\Replacement(p)\ . p \ instances1_fms })" shows "M_ZF1(M)" proof - from assms have fin: "upair_ax(##M)" "Union_ax(##M)" "power_ax(##M)" "extensionality(##M)" "foundation_ax(##M)" "infinity_ax(##M)" unfolding ZF_fin_def Zermelo_fms_def ZFC_fm_defs satT_def using ZFC_fm_sats[of M] by simp_all moreover { fix \ env from \M \ \Z\ \ {\Replacement(p)\ . p \ instances1_fms }\ have "\p\formula. (M, [] \ (ZF_separation_fm(p)))" unfolding Zermelo_fms_def ZF_def instances1_fms_def by auto moreover assume "\ \ formula" "env\list(M)" ultimately have "arity(\) \ succ(length(env)) \ separation(##M, \x. (M, Cons(x, env) \ \))" using sats_ZF_separation_fm_iff by simp_all } moreover { fix \ env assume "\ \ instances1_fms" "env\list(M)" moreover from this and \M \ \Z\ \ {\Replacement(p)\ . p \ instances1_fms }\ have "M, [] \ \Replacement(\)\" by auto ultimately have "arity(\) \ succ(succ(length(env))) \ strong_replacement(##M,\x y. sats(M,\,Cons(x,Cons(y, env))))" using sats_ZF_replacement_fm_iff[of \] instances1_fms_type unfolding replacement_assm_def by auto } ultimately show ?thesis unfolding instances1_fms_def by unfold_locales (simp_all add:replacement_assm_def ground_replacement_assm_def) qed theorem M_satT_imp_M_ZF_ground_trans: assumes "Transset(M)" "M \ \Z\ \ {\Replacement(p)\ . p \ overhead}" shows "M_ZF_ground_trans(M)" proof - from \M \ \Z\ \ _\ have "M \ \Z\ \ {\Replacement(p)\ . p \ instances1_fms }" "M \ {\Replacement(p)\ . p \ instances_ground_fms }" unfolding overhead_def by auto then interpret M_ZF1 M using M_satT_instances1_imp_M_ZF1 by simp from \Transset(M)\ interpret M_ZF1_trans M using M_satT_imp_M_ZF2 by unfold_locales { fix \ env assume "\ \ instances_ground_fms" "env\list(M)" moreover from this and \M \ {\Replacement(p)\ . p \ instances_ground_fms}\ have "M, [] \ \Replacement(\)\" by auto ultimately have "arity(\) \ succ(succ(length(env))) \ strong_replacement(##M,\x y. sats(M,\,Cons(x,Cons(y, env))))" using sats_ZF_replacement_fm_iff[of \] instances_ground_fms_type unfolding replacement_assm_def by auto } then show ?thesis unfolding instances_ground_fms_def by unfold_locales (simp_all add:replacement_assm_def) qed theorem M_satT_imp_M_ZF_ground_notCH_trans: assumes "Transset(M)" "M \ \Z\ \ {\Replacement(p)\ . p \ overhead_notCH}" shows "M_ZF_ground_notCH_trans(M)" proof - from assms interpret M_ZF_ground_trans M using M_satT_imp_M_ZF_ground_trans unfolding overhead_notCH_def by force { fix \ env assume "\ \ instances_ground_notCH_fms" "env\list(M)" moreover from this and assms have "M, [] \ \Replacement(\)\" unfolding overhead_notCH_def by auto ultimately have "arity(\) \ succ(succ(length(env))) \ strong_replacement(##M,\x y. sats(M,\,Cons(x,Cons(y, env))))" using sats_ZF_replacement_fm_iff[of \] instances_ground_notCH_fms_type unfolding replacement_assm_def by auto } then show ?thesis by unfold_locales (simp_all add:replacement_assm_def instances_ground_notCH_fms_def) qed theorem M_satT_imp_M_ZF_ground_CH_trans: assumes "Transset(M)" "M \ \Z\ \ {\Replacement(p)\ . p \ overhead_CH }" shows "M_ZF_ground_CH_trans(M)" proof - from assms interpret M_ZF_ground_notCH_trans M using M_satT_imp_M_ZF_ground_notCH_trans unfolding overhead_CH_def by auto { fix env assume "env \ list(M)" moreover from assms have "M, [] \ \Replacement(replacement_dcwit_repl_body_fm)\" unfolding overhead_CH_def by auto ultimately have "arity(replacement_dcwit_repl_body_fm) \ succ(succ(length(env))) \ strong_replacement(##M,\x y. sats(M,replacement_dcwit_repl_body_fm,Cons(x,Cons(y, env))))" using sats_ZF_replacement_fm_iff[of replacement_dcwit_repl_body_fm] unfolding replacement_assm_def by (auto simp:replacement_dcwit_repl_body_fm_def) } then show ?thesis by unfold_locales (simp_all add:replacement_assm_def) qed lemma (in M_Z_basic) M_satT_Zermelo_fms: "M \ \Z\" using upair_ax Union_ax power_ax extensionality foundation_ax infinity_ax separation_ax sats_ZF_separation_fm_iff unfolding Zermelo_fms_def ZF_fin_def by auto lemma (in M_ZFC1) M_satT_ZC: "M \ ZC" using upair_ax Union_ax power_ax extensionality foundation_ax infinity_ax separation_ax sats_ZF_separation_fm_iff choice_ax unfolding ZC_def Zermelo_fms_def ZF_fin_def by auto locale M_ZF = M_Z_basic + assumes replacement_ax:"replacement_assm(M,env,\)" sublocale M_ZF \ M_ZF3 using replacement_ax by unfold_locales (simp_all add:ground_replacement_assm_def) lemma M_satT_imp_M_ZF: " M \ ZF \ M_ZF(M)" proof - assume "M \ ZF" then have fin: "upair_ax(##M)" "Union_ax(##M)" "power_ax(##M)" "extensionality(##M)" "foundation_ax(##M)" "infinity_ax(##M)" unfolding ZF_def ZF_fin_def ZFC_fm_defs satT_def using ZFC_fm_sats[of M] by simp_all { fix \ env assume "\ \ formula" "env\list(M)" moreover from \M \ ZF\ have "\p\formula. (M, [] \ (ZF_separation_fm(p)))" "\p\formula. (M, [] \ (ZF_replacement_fm(p)))" unfolding ZF_def ZF_schemes_def by auto moreover from calculation have "arity(\) \ succ(length(env)) \ separation(##M, \x. (M, Cons(x, env) \ \))" "arity(\) \ succ(succ(length(env))) \ strong_replacement(##M,\x y. sats(M,\,Cons(x,Cons(y, env))))" using sats_ZF_separation_fm_iff sats_ZF_replacement_fm_iff unfolding replacement_assm_def by simp_all } with fin show "M_ZF(M)" unfolding M_ZF_def M_Z_basic_def M_ZF_axioms_def replacement_assm_def by simp qed lemma (in M_ZF) M_satT_ZF: "M \ ZF" using upair_ax Union_ax power_ax extensionality foundation_ax infinity_ax separation_ax sats_ZF_separation_fm_iff replacement_ax sats_ZF_replacement_fm_iff unfolding ZF_def ZF_schemes_def ZF_fin_def replacement_assm_def by auto lemma M_ZF_iff_M_satT: "M_ZF(M) \ (M \ ZF)" using M_ZF.M_satT_ZF M_satT_imp_M_ZF by auto locale M_ZFC = M_ZF + M_ZC_basic sublocale M_ZFC \ M_ZFC3 by unfold_locales lemma M_ZFC_iff_M_satT: notes iff_trans[trans] shows "M_ZFC(M) \ (M \ ZFC)" proof - have "M_ZFC(M) \ (M \ ZF) \ choice_ax(##M)" using M_ZF_iff_M_satT unfolding M_ZFC_def M_ZC_basic_def M_AC_def M_ZF_def by auto also have " \ \ M \ ZFC" unfolding ZFC_def by auto ultimately show ?thesis by simp qed lemma M_satT_imp_M_ZF3: "(M \ ZF) \ M_ZF3(M)" proof assume "M \ ZF" then interpret M_ZF M using M_satT_imp_M_ZF by simp show "M_ZF3(M)" by unfold_locales qed lemma M_satT_imp_M_ZFC3: shows "(M \ ZFC) \ M_ZFC3(M)" proof assume "M \ ZFC" then interpret M_ZFC M using M_ZFC_iff_M_satT by simp show "M_ZFC3(M)" by unfold_locales qed lemma M_satT_overhead_imp_M_ZF3: "(M \ ZC \ {\Replacement(p)\ . p \ overhead_notCH}) \ M_ZFC3(M)" proof assume "M \ ZC \ {\Replacement(p)\ . p \ overhead_notCH}" then have fin: "upair_ax(##M)" "Union_ax(##M)" "power_ax(##M)" "choice_ax(##M)" "extensionality(##M)" "foundation_ax(##M)" "infinity_ax(##M)" unfolding ZC_def ZF_fin_def Zermelo_fms_def ZFC_fm_defs satT_def using ZFC_fm_sats[of M] by simp_all moreover { fix \ env from \M \ ZC \ {\Replacement(p)\ . p \ overhead_notCH}\ have "\p\formula. (M, [] \ (ZF_separation_fm(p)))" unfolding ZC_def Zermelo_fms_def ZF_def by auto moreover assume "\ \ formula" "env\list(M)" ultimately have "arity(\) \ succ(length(env)) \ separation(##M, \x. (M, Cons(x, env) \ \))" using sats_ZF_separation_fm_iff by simp_all } moreover { fix \ env assume "\ \ overhead_notCH" "env\list(M)" moreover from this and \M \ ZC \ {\Replacement(p)\ . p \ overhead_notCH}\ have "M, [] \ \Replacement(\)\" by auto ultimately have "arity(\) \ succ(succ(length(env))) \ strong_replacement(##M,\x y. sats(M,\,Cons(x,Cons(y, env))))" using sats_ZF_replacement_fm_iff[of \] overhead_notCH_type unfolding replacement_assm_def by auto } ultimately show "M_ZFC3(M)" unfolding overhead_def overhead_notCH_def instances1_fms_def instances2_fms_def instances3_fms_def by unfold_locales (simp_all add:replacement_assm_def ground_replacement_assm_def) qed end \ No newline at end of file diff --git a/thys/Transitive_Models/DPow_absolute.thy b/thys/Transitive_Models/DPow_absolute.thy new file mode 100644 --- /dev/null +++ b/thys/Transitive_Models/DPow_absolute.thy @@ -0,0 +1,627 @@ +(* Title: ZF/Constructible/DPow_absolute.thy + Author: Lawrence C Paulson, Cambridge University Computer Laboratory +*) + +section \Absoluteness for the Definable Powerset Function\ + + +theory DPow_absolute imports Satisfies_absolute begin + + +subsection\Preliminary Internalizations\ + +subsubsection\The Operator \<^term>\is_formula_rec\\ + +text\The three arguments of \<^term>\p\ are always 2, 1, 0. It is buried + within 11 quantifiers!!\ + +(* is_formula_rec :: "[i=>o, [i,i,i]=>o, i, i] => o" + "is_formula_rec(M,MH,p,z) == + \dp[M]. \i[M]. \f[M]. finite_ordinal(M,dp) & is_depth(M,p,dp) & + 2 1 0 + successor(M,dp,i) & fun_apply(M,f,p,z) & is_transrec(M,MH,i,f)" +*) + +definition + formula_rec_fm :: "[i, i, i]=>i" where + "formula_rec_fm(mh,p,z) == + Exists(Exists(Exists( + And(finite_ordinal_fm(2), + And(depth_fm(p#+3,2), + And(succ_fm(2,1), + And(fun_apply_fm(0,p#+3,z#+3), is_transrec_fm(mh,1,0))))))))" + +lemma is_formula_rec_type [TC]: + "[| p \ formula; x \ nat; z \ nat |] + ==> formula_rec_fm(p,x,z) \ formula" +by (simp add: formula_rec_fm_def) + +lemma sats_formula_rec_fm: + assumes MH_iff_sats: + "!!a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 a10. + [|a0\A; a1\A; a2\A; a3\A; a4\A; a5\A; a6\A; a7\A; a8\A; a9\A; a10\A|] + ==> MH(a2, a1, a0) \ + sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3, + Cons(a4,Cons(a5,Cons(a6,Cons(a7, + Cons(a8,Cons(a9,Cons(a10,env))))))))))))" + shows + "[|x \ nat; z \ nat; env \ list(A)|] + ==> sats(A, formula_rec_fm(p,x,z), env) \ + is_formula_rec(##A, MH, nth(x,env), nth(z,env))" +by (simp add: formula_rec_fm_def sats_is_transrec_fm is_formula_rec_def + MH_iff_sats [THEN iff_sym]) + +lemma formula_rec_iff_sats: + assumes MH_iff_sats: + "!!a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 a10. + [|a0\A; a1\A; a2\A; a3\A; a4\A; a5\A; a6\A; a7\A; a8\A; a9\A; a10\A|] + ==> MH(a2, a1, a0) \ + sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3, + Cons(a4,Cons(a5,Cons(a6,Cons(a7, + Cons(a8,Cons(a9,Cons(a10,env))))))))))))" + shows + "[|nth(i,env) = x; nth(k,env) = z; + i \ nat; k \ nat; env \ list(A)|] + ==> is_formula_rec(##A, MH, x, z) \ sats(A, formula_rec_fm(p,i,k), env)" +by (simp add: sats_formula_rec_fm [OF MH_iff_sats]) + +theorem formula_rec_reflection: + assumes MH_reflection: + "!!f' f g h. REFLECTS[\x. MH(L, f'(x), f(x), g(x), h(x)), + \i x. MH(##Lset(i), f'(x), f(x), g(x), h(x))]" + shows "REFLECTS[\x. is_formula_rec(L, MH(L,x), f(x), h(x)), + \i x. is_formula_rec(##Lset(i), MH(##Lset(i),x), f(x), h(x))]" +apply (simp (no_asm_use) only: is_formula_rec_def) +apply (intro FOL_reflections function_reflections fun_plus_reflections + depth_reflection is_transrec_reflection MH_reflection) +done + + +subsubsection\The Operator \<^term>\is_satisfies\\ + +(* is_satisfies(M,A,p,z) == is_formula_rec (M, satisfies_MH(M,A), p, z) *) +definition + satisfies_fm :: "[i,i,i]=>i" where + "satisfies_fm(x) == formula_rec_fm (satisfies_MH_fm(x#+5#+6, 2, 1, 0))" + +lemma is_satisfies_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> satisfies_fm(x,y,z) \ formula" +by (simp add: satisfies_fm_def) + +lemma sats_satisfies_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, satisfies_fm(x,y,z), env) \ + is_satisfies(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: satisfies_fm_def is_satisfies_def sats_formula_rec_fm) + +lemma satisfies_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> is_satisfies(##A, x, y, z) \ sats(A, satisfies_fm(i,j,k), env)" +by (simp) + +theorem satisfies_reflection: + "REFLECTS[\x. is_satisfies(L,f(x),g(x),h(x)), + \i x. is_satisfies(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: is_satisfies_def) +apply (intro formula_rec_reflection satisfies_MH_reflection) +done + + +subsection \Relativization of the Operator \<^term>\DPow'\\ + +lemma DPow'_eq: + "DPow'(A) = {z . ep \ list(A) * formula, + \env \ list(A). \p \ formula. + ep = & z = {x\A. sats(A, p, Cons(x,env))}}" +by (simp add: DPow'_def, blast) + + +text\Relativize the use of \<^term>\sats\ within \<^term>\DPow'\ +(the comprehension).\ +definition + is_DPow_sats :: "[i=>o,i,i,i,i] => o" where + "is_DPow_sats(M,A,env,p,x) == + \n1[M]. \e[M]. \sp[M]. + is_satisfies(M,A,p,sp) \ is_Cons(M,x,env,e) \ + fun_apply(M, sp, e, n1) \ number1(M, n1)" + +lemma (in M_satisfies) DPow_sats_abs: + "[| M(A); env \ list(A); p \ formula; M(x) |] + ==> is_DPow_sats(M,A,env,p,x) \ sats(A, p, Cons(x,env))" +apply (subgoal_tac "M(env)") + apply (simp add: is_DPow_sats_def satisfies_closed satisfies_abs) +apply (blast dest: transM) +done + +lemma (in M_satisfies) Collect_DPow_sats_abs: + "[| M(A); env \ list(A); p \ formula |] + ==> Collect(A, is_DPow_sats(M,A,env,p)) = + {x \ A. sats(A, p, Cons(x,env))}" +by (simp add: DPow_sats_abs transM [of _ A]) + + +subsubsection\The Operator \<^term>\is_DPow_sats\, Internalized\ + +(* is_DPow_sats(M,A,env,p,x) == + \n1[M]. \e[M]. \sp[M]. + is_satisfies(M,A,p,sp) \ is_Cons(M,x,env,e) \ + fun_apply(M, sp, e, n1) \ number1(M, n1) *) + +definition + DPow_sats_fm :: "[i,i,i,i]=>i" where + "DPow_sats_fm(A,env,p,x) == + Forall(Forall(Forall( + Implies(satisfies_fm(A#+3,p#+3,0), + Implies(Cons_fm(x#+3,env#+3,1), + Implies(fun_apply_fm(0,1,2), number1_fm(2)))))))" + +lemma is_DPow_sats_type [TC]: + "[| A \ nat; x \ nat; y \ nat; z \ nat |] + ==> DPow_sats_fm(A,x,y,z) \ formula" +by (simp add: DPow_sats_fm_def) + +lemma sats_DPow_sats_fm [simp]: + "[| u \ nat; x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, DPow_sats_fm(u,x,y,z), env) \ + is_DPow_sats(##A, nth(u,env), nth(x,env), nth(y,env), nth(z,env))" +by (simp add: DPow_sats_fm_def is_DPow_sats_def) + +lemma DPow_sats_iff_sats: + "[| nth(u,env) = nu; nth(x,env) = nx; nth(y,env) = ny; nth(z,env) = nz; + u \ nat; x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> is_DPow_sats(##A,nu,nx,ny,nz) \ + sats(A, DPow_sats_fm(u,x,y,z), env)" +by simp + +theorem DPow_sats_reflection: + "REFLECTS[\x. is_DPow_sats(L,f(x),g(x),h(x),g'(x)), + \i x. is_DPow_sats(##Lset(i),f(x),g(x),h(x),g'(x))]" +apply (unfold is_DPow_sats_def) +apply (intro FOL_reflections function_reflections extra_reflections + satisfies_reflection) +done + + +subsection\A Locale for Relativizing the Operator \<^term>\DPow'\\ + +locale M_DPow = M_satisfies + + assumes sep: + "[| M(A); env \ list(A); p \ formula |] + ==> separation(M, \x. is_DPow_sats(M,A,env,p,x))" + and rep: + "M(A) + ==> strong_replacement (M, + \ep z. \env[M]. \p[M]. mem_formula(M,p) & mem_list(M,A,env) & + pair(M,env,p,ep) & + is_Collect(M, A, \x. is_DPow_sats(M,A,env,p,x), z))" + +lemma (in M_DPow) sep': + "[| M(A); env \ list(A); p \ formula |] + ==> separation(M, \x. sats(A, p, Cons(x,env)))" +by (insert sep [of A env p], simp add: DPow_sats_abs) + +lemma (in M_DPow) rep': + "M(A) + ==> strong_replacement (M, + \ep z. \env\list(A). \p\formula. + ep = & z = {x \ A . sats(A, p, Cons(x, env))})" +by (insert rep [of A], simp add: Collect_DPow_sats_abs) + + +lemma univalent_pair_eq: + "univalent (M, A, \xy z. \x\B. \y\C. xy = \x,y\ \ z = f(x,y))" +by (simp add: univalent_def, blast) + +lemma (in M_DPow) DPow'_closed: "M(A) ==> M(DPow'(A))" +apply (simp add: DPow'_eq) +apply (fast intro: rep' sep' univalent_pair_eq) +done + +text\Relativization of the Operator \<^term>\DPow'\\ +definition + is_DPow' :: "[i=>o,i,i] => o" where + "is_DPow'(M,A,Z) == + \X[M]. X \ Z \ + subset(M,X,A) & + (\env[M]. \p[M]. mem_formula(M,p) & mem_list(M,A,env) & + is_Collect(M, A, is_DPow_sats(M,A,env,p), X))" + +lemma (in M_DPow) DPow'_abs: + "[|M(A); M(Z)|] ==> is_DPow'(M,A,Z) \ Z = DPow'(A)" +apply (rule iffI) + prefer 2 apply (simp add: is_DPow'_def DPow'_def Collect_DPow_sats_abs) +apply (rule M_equalityI) +apply (simp add: is_DPow'_def DPow'_def Collect_DPow_sats_abs, assumption) +apply (erule DPow'_closed) +done + + +subsection\Instantiating the Locale \M_DPow\\ + +subsubsection\The Instance of Separation\ + +lemma DPow_separation: + "[| L(A); env \ list(A); p \ formula |] + ==> separation(L, \x. is_DPow_sats(L,A,env,p,x))" +apply (rule gen_separation_multi [OF DPow_sats_reflection, of "{A,env,p}"], + auto intro: transL) +apply (rule_tac env="[A,env,p]" in DPow_LsetI) +apply (rule DPow_sats_iff_sats sep_rules | simp)+ +done + + + +subsubsection\The Instance of Replacement\ + +lemma DPow_replacement_Reflects: + "REFLECTS [\x. \u[L]. u \ B & + (\env[L]. \p[L]. + mem_formula(L,p) & mem_list(L,A,env) & pair(L,env,p,u) & + is_Collect (L, A, is_DPow_sats(L,A,env,p), x)), + \i x. \u \ Lset(i). u \ B & + (\env \ Lset(i). \p \ Lset(i). + mem_formula(##Lset(i),p) & mem_list(##Lset(i),A,env) & + pair(##Lset(i),env,p,u) & + is_Collect (##Lset(i), A, is_DPow_sats(##Lset(i),A,env,p), x))]" +apply (unfold is_Collect_def) +apply (intro FOL_reflections function_reflections mem_formula_reflection + mem_list_reflection DPow_sats_reflection) +done + +lemma DPow_replacement: + "L(A) + ==> strong_replacement (L, + \ep z. \env[L]. \p[L]. mem_formula(L,p) & mem_list(L,A,env) & + pair(L,env,p,ep) & + is_Collect(L, A, \x. is_DPow_sats(L,A,env,p,x), z))" +apply (rule strong_replacementI) +apply (rule_tac u="{A,B}" + in gen_separation_multi [OF DPow_replacement_Reflects], + auto) +apply (unfold is_Collect_def) +apply (rule_tac env="[A,B]" in DPow_LsetI) +apply (rule sep_rules mem_formula_iff_sats mem_list_iff_sats + DPow_sats_iff_sats | simp)+ +done + + +subsubsection\Actually Instantiating the Locale\ + +lemma M_DPow_axioms_L: "M_DPow_axioms(L)" + apply (rule M_DPow_axioms.intro) + apply (assumption | rule DPow_separation DPow_replacement)+ + done + +theorem M_DPow_L: "M_DPow(L)" + apply (rule M_DPow.intro) + apply (rule M_satisfies_L) + apply (rule M_DPow_axioms_L) + done + +lemmas DPow'_closed [intro, simp] = M_DPow.DPow'_closed [OF M_DPow_L] + and DPow'_abs [intro, simp] = M_DPow.DPow'_abs [OF M_DPow_L] + + +subsubsection\The Operator \<^term>\is_Collect\\ + +text\The formula \<^term>\is_P\ has one free variable, 0, and it is +enclosed within a single quantifier.\ + +(* is_Collect :: "[i=>o,i,i=>o,i] => o" + "is_Collect(M,A,P,z) == \x[M]. x \ z \ x \ A & P(x)" *) + +definition + Collect_fm :: "[i, i, i]=>i" where + "Collect_fm(A,is_P,z) == + Forall(Iff(Member(0,succ(z)), + And(Member(0,succ(A)), is_P)))" + +lemma is_Collect_type [TC]: + "[| is_P \ formula; x \ nat; y \ nat |] + ==> Collect_fm(x,is_P,y) \ formula" +by (simp add: Collect_fm_def) + +lemma sats_Collect_fm: + assumes is_P_iff_sats: + "!!a. a \ A ==> is_P(a) \ sats(A, p, Cons(a, env))" + shows + "[|x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, Collect_fm(x,p,y), env) \ + is_Collect(##A, nth(x,env), is_P, nth(y,env))" +by (simp add: Collect_fm_def is_Collect_def is_P_iff_sats [THEN iff_sym]) + +lemma Collect_iff_sats: + assumes is_P_iff_sats: + "!!a. a \ A ==> is_P(a) \ sats(A, p, Cons(a, env))" + shows + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> is_Collect(##A, x, is_P, y) \ sats(A, Collect_fm(i,p,j), env)" +by (simp add: sats_Collect_fm [OF is_P_iff_sats]) + + +text\The second argument of \<^term>\is_P\ gives it direct access to \<^term>\x\, + which is essential for handling free variable references.\ +theorem Collect_reflection: + assumes is_P_reflection: + "!!h f g. REFLECTS[\x. is_P(L, f(x), g(x)), + \i x. is_P(##Lset(i), f(x), g(x))]" + shows "REFLECTS[\x. is_Collect(L, f(x), is_P(L,x), g(x)), + \i x. is_Collect(##Lset(i), f(x), is_P(##Lset(i), x), g(x))]" +apply (simp (no_asm_use) only: is_Collect_def) +apply (intro FOL_reflections is_P_reflection) +done + + +subsubsection\The Operator \<^term>\is_Replace\\ + +text\BEWARE! The formula \<^term>\is_P\ has free variables 0, 1 + and not the usual 1, 0! It is enclosed within two quantifiers.\ + +(* is_Replace :: "[i=>o,i,[i,i]=>o,i] => o" + "is_Replace(M,A,P,z) == \u[M]. u \ z \ (\x[M]. x\A & P(x,u))" *) + +definition + Replace_fm :: "[i, i, i]=>i" where + "Replace_fm(A,is_P,z) == + Forall(Iff(Member(0,succ(z)), + Exists(And(Member(0,A#+2), is_P))))" + +lemma is_Replace_type [TC]: + "[| is_P \ formula; x \ nat; y \ nat |] + ==> Replace_fm(x,is_P,y) \ formula" +by (simp add: Replace_fm_def) + +lemma sats_Replace_fm: + assumes is_P_iff_sats: + "!!a b. [|a \ A; b \ A|] + ==> is_P(a,b) \ sats(A, p, Cons(a,Cons(b,env)))" + shows + "[|x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, Replace_fm(x,p,y), env) \ + is_Replace(##A, nth(x,env), is_P, nth(y,env))" +by (simp add: Replace_fm_def is_Replace_def is_P_iff_sats [THEN iff_sym]) + +lemma Replace_iff_sats: + assumes is_P_iff_sats: + "!!a b. [|a \ A; b \ A|] + ==> is_P(a,b) \ sats(A, p, Cons(a,Cons(b,env)))" + shows + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> is_Replace(##A, x, is_P, y) \ sats(A, Replace_fm(i,p,j), env)" +by (simp add: sats_Replace_fm [OF is_P_iff_sats]) + + +text\The second argument of \<^term>\is_P\ gives it direct access to \<^term>\x\, + which is essential for handling free variable references.\ +theorem Replace_reflection: + assumes is_P_reflection: + "!!h f g. REFLECTS[\x. is_P(L, f(x), g(x), h(x)), + \i x. is_P(##Lset(i), f(x), g(x), h(x))]" + shows "REFLECTS[\x. is_Replace(L, f(x), is_P(L,x), g(x)), + \i x. is_Replace(##Lset(i), f(x), is_P(##Lset(i), x), g(x))]" +apply (simp (no_asm_use) only: is_Replace_def) +apply (intro FOL_reflections is_P_reflection) +done + + + +subsubsection\The Operator \<^term>\is_DPow'\, Internalized\ + +(* "is_DPow'(M,A,Z) == + \X[M]. X \ Z \ + subset(M,X,A) & + (\env[M]. \p[M]. mem_formula(M,p) & mem_list(M,A,env) & + is_Collect(M, A, is_DPow_sats(M,A,env,p), X))" *) + +definition + DPow'_fm :: "[i,i]=>i" where + "DPow'_fm(A,Z) == + Forall( + Iff(Member(0,succ(Z)), + And(subset_fm(0,succ(A)), + Exists(Exists( + And(mem_formula_fm(0), + And(mem_list_fm(A#+3,1), + Collect_fm(A#+3, + DPow_sats_fm(A#+4, 2, 1, 0), 2))))))))" + +lemma is_DPow'_type [TC]: + "[| x \ nat; y \ nat |] ==> DPow'_fm(x,y) \ formula" +by (simp add: DPow'_fm_def) + +lemma sats_DPow'_fm [simp]: + "[| x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, DPow'_fm(x,y), env) \ + is_DPow'(##A, nth(x,env), nth(y,env))" +by (simp add: DPow'_fm_def is_DPow'_def sats_subset_fm' sats_Collect_fm) + +lemma DPow'_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> is_DPow'(##A, x, y) \ sats(A, DPow'_fm(i,j), env)" +by (simp) + +theorem DPow'_reflection: + "REFLECTS[\x. is_DPow'(L,f(x),g(x)), + \i x. is_DPow'(##Lset(i),f(x),g(x))]" +apply (simp only: is_DPow'_def) +apply (intro FOL_reflections function_reflections mem_formula_reflection + mem_list_reflection Collect_reflection DPow_sats_reflection) +done + + +subsection\A Locale for Relativizing the Operator \<^term>\Lset\\ + +definition + transrec_body :: "[i=>o,i,i,i,i] => o" where + "transrec_body(M,g,x) == + \y z. \gy[M]. y \ x & fun_apply(M,g,y,gy) & is_DPow'(M,gy,z)" + +lemma (in M_DPow) transrec_body_abs: + "[|M(x); M(g); M(z)|] + ==> transrec_body(M,g,x,y,z) \ y \ x & z = DPow'(g`y)" +by (simp add: transrec_body_def DPow'_abs transM [of _ x]) + +locale M_Lset = M_DPow + + assumes strong_rep: + "[|M(x); M(g)|] ==> strong_replacement(M, \y z. transrec_body(M,g,x,y,z))" + and transrec_rep: + "M(i) ==> transrec_replacement(M, \x f u. + \r[M]. is_Replace(M, x, transrec_body(M,f,x), r) & + big_union(M, r, u), i)" + + +lemma (in M_Lset) strong_rep': + "[|M(x); M(g)|] + ==> strong_replacement(M, \y z. y \ x & z = DPow'(g`y))" +by (insert strong_rep [of x g], simp add: transrec_body_abs) + +lemma (in M_Lset) DPow_apply_closed: + "[|M(f); M(x); y\x|] ==> M(DPow'(f`y))" +by (blast intro: DPow'_closed dest: transM) + +lemma (in M_Lset) RepFun_DPow_apply_closed: + "[|M(f); M(x)|] ==> M({DPow'(f`y). y\x})" +by (blast intro: DPow_apply_closed RepFun_closed2 strong_rep') + +lemma (in M_Lset) RepFun_DPow_abs: + "[|M(x); M(f); M(r) |] + ==> is_Replace(M, x, \y z. transrec_body(M,f,x,y,z), r) \ + r = {DPow'(f`y). y\x}" +apply (simp add: transrec_body_abs RepFun_def) +apply (rule iff_trans) +apply (rule Replace_abs) +apply (simp_all add: DPow_apply_closed strong_rep') +done + +lemma (in M_Lset) transrec_rep': + "M(i) ==> transrec_replacement(M, \x f u. u = (\y\x. DPow'(f ` y)), i)" +apply (insert transrec_rep [of i]) +apply (simp add: RepFun_DPow_apply_closed RepFun_DPow_abs + transrec_replacement_def) +done + + +text\Relativization of the Operator \<^term>\Lset\\ + +definition + is_Lset :: "[i=>o, i, i] => o" where + \ \We can use the term language below because \<^term>\is_Lset\ will + not have to be internalized: it isn't used in any instance of + separation.\ + "is_Lset(M,a,z) == is_transrec(M, %x f u. u = (\y\x. DPow'(f`y)), a, z)" + +lemma (in M_Lset) Lset_abs: + "[|Ord(i); M(i); M(z)|] + ==> is_Lset(M,i,z) \ z = Lset(i)" +apply (simp add: is_Lset_def Lset_eq_transrec_DPow') +apply (rule transrec_abs) +apply (simp_all add: transrec_rep' relation2_def RepFun_DPow_apply_closed) +done + +lemma (in M_Lset) Lset_closed: + "[|Ord(i); M(i)|] ==> M(Lset(i))" +apply (simp add: Lset_eq_transrec_DPow') +apply (rule transrec_closed [OF transrec_rep']) +apply (simp_all add: relation2_def RepFun_DPow_apply_closed) +done + + +subsection\Instantiating the Locale \M_Lset\\ + +subsubsection\The First Instance of Replacement\ + +lemma strong_rep_Reflects: + "REFLECTS [\u. \v[L]. v \ B & (\gy[L]. + v \ x & fun_apply(L,g,v,gy) & is_DPow'(L,gy,u)), + \i u. \v \ Lset(i). v \ B & (\gy \ Lset(i). + v \ x & fun_apply(##Lset(i),g,v,gy) & is_DPow'(##Lset(i),gy,u))]" +by (intro FOL_reflections function_reflections DPow'_reflection) + +lemma strong_rep: + "[|L(x); L(g)|] ==> strong_replacement(L, \y z. transrec_body(L,g,x,y,z))" +apply (unfold transrec_body_def) +apply (rule strong_replacementI) +apply (rule_tac u="{x,g,B}" + in gen_separation_multi [OF strong_rep_Reflects], auto) +apply (rule_tac env="[x,g,B]" in DPow_LsetI) +apply (rule sep_rules DPow'_iff_sats | simp)+ +done + + +subsubsection\The Second Instance of Replacement\ + +lemma transrec_rep_Reflects: + "REFLECTS [\x. \v[L]. v \ B & + (\y[L]. pair(L,v,y,x) & + is_wfrec (L, \x f u. \r[L]. + is_Replace (L, x, \y z. + \gy[L]. y \ x & fun_apply(L,f,y,gy) & + is_DPow'(L,gy,z), r) & big_union(L,r,u), mr, v, y)), + \i x. \v \ Lset(i). v \ B & + (\y \ Lset(i). pair(##Lset(i),v,y,x) & + is_wfrec (##Lset(i), \x f u. \r \ Lset(i). + is_Replace (##Lset(i), x, \y z. + \gy \ Lset(i). y \ x & fun_apply(##Lset(i),f,y,gy) & + is_DPow'(##Lset(i),gy,z), r) & + big_union(##Lset(i),r,u), mr, v, y))]" +apply (simp only: rex_setclass_is_bex [symmetric]) + \ \Convert \\y\Lset(i)\ to \\y[##Lset(i)]\ within the body + of the \<^term>\is_wfrec\ application.\ +apply (intro FOL_reflections function_reflections + is_wfrec_reflection Replace_reflection DPow'_reflection) +done + + +lemma transrec_rep: + "[|L(j)|] + ==> transrec_replacement(L, \x f u. + \r[L]. is_Replace(L, x, transrec_body(L,f,x), r) & + big_union(L, r, u), j)" +apply (rule L.transrec_replacementI, assumption) +apply (unfold transrec_body_def) +apply (rule strong_replacementI) +apply (rule_tac u="{j,B,Memrel(eclose({j}))}" + in gen_separation_multi [OF transrec_rep_Reflects], auto) +apply (rule_tac env="[j,B,Memrel(eclose({j}))]" in DPow_LsetI) +apply (rule sep_rules is_wfrec_iff_sats Replace_iff_sats DPow'_iff_sats | + simp)+ +done + + +subsubsection\Actually Instantiating \M_Lset\\ + +lemma M_Lset_axioms_L: "M_Lset_axioms(L)" + apply (rule M_Lset_axioms.intro) + apply (assumption | rule strong_rep transrec_rep)+ + done + +theorem M_Lset_L: "M_Lset(L)" + apply (rule M_Lset.intro) + apply (rule M_DPow_L) + apply (rule M_Lset_axioms_L) + done + +text\Finally: the point of the whole theory!\ +lemmas Lset_closed = M_Lset.Lset_closed [OF M_Lset_L] + and Lset_abs = M_Lset.Lset_abs [OF M_Lset_L] + + +subsection\The Notion of Constructible Set\ + +definition + constructible :: "[i=>o,i] => o" where + "constructible(M,x) == + \i[M]. \Li[M]. ordinal(M,i) & is_Lset(M,i,Li) & x \ Li" + +theorem V_equals_L_in_L: + "L(x) \ constructible(L,x)" +apply (simp add: constructible_def Lset_abs Lset_closed) +apply (simp add: L_def) +apply (blast intro: Ord_in_L) +done + +end diff --git a/thys/Transitive_Models/Datatype_absolute.thy b/thys/Transitive_Models/Datatype_absolute.thy new file mode 100644 --- /dev/null +++ b/thys/Transitive_Models/Datatype_absolute.thy @@ -0,0 +1,294 @@ +(* Title: ZF/Constructible/Datatype_absolute.thy + Author: Lawrence C Paulson, Cambridge University Computer Laboratory +*) + +section \Absoluteness Properties for Recursive Datatypes\ + +theory Datatype_absolute imports Eclose_Absolute begin + +locale M_datatypes = M_trancl + + assumes list_replacement1: + "M(A) ==> iterates_replacement(M, is_list_functor(M,A), 0)" + and list_replacement2: + "M(A) ==> strong_replacement(M, + \n y. n\nat & is_iterates(M, is_list_functor(M,A), 0, n, y))" + and formula_replacement1: + "iterates_replacement(M, is_formula_functor(M), 0)" + and formula_replacement2: + "strong_replacement(M, + \n y. n\nat & is_iterates(M, is_formula_functor(M), 0, n, y))" + and nth_replacement: + "M(l) ==> iterates_replacement(M, %l t. is_tl(M,l,t), l)" + + +subsubsection\Absoluteness of the List Construction\ + +lemma (in M_datatypes) list_replacement2': + "M(A) ==> strong_replacement(M, \n y. n\nat & y = (\X. {0} + A * X)^n (0))" +apply (insert list_replacement2 [of A]) +apply (rule strong_replacement_cong [THEN iffD1]) +apply (rule conj_cong [OF iff_refl iterates_abs [of "is_list_functor(M,A)"]]) +apply (simp_all add: list_replacement1 relation1_def) +done + +lemma (in M_datatypes) list_closed [intro,simp]: + "M(A) ==> M(list(A))" +apply (insert list_replacement1) +by (simp add: RepFun_closed2 list_eq_Union + list_replacement2' relation1_def + iterates_closed [of "is_list_functor(M,A)"]) + +text\WARNING: use only with \dest:\ or with variables fixed!\ +lemmas (in M_datatypes) list_into_M = transM [OF _ list_closed] + +lemma (in M_datatypes) list_N_abs [simp]: + "[|M(A); n\nat; M(Z)|] + ==> is_list_N(M,A,n,Z) \ Z = list_N(A,n)" +apply (insert list_replacement1) +apply (simp add: is_list_N_def list_N_def relation1_def nat_into_M + iterates_abs [of "is_list_functor(M,A)" _ "\X. {0} + A*X"]) +done + +lemma (in M_datatypes) list_N_closed [intro,simp]: + "[|M(A); n\nat|] ==> M(list_N(A,n))" +apply (insert list_replacement1) +apply (simp add: is_list_N_def list_N_def relation1_def nat_into_M + iterates_closed [of "is_list_functor(M,A)"]) +done + +lemma (in M_datatypes) mem_list_abs [simp]: + "M(A) ==> mem_list(M,A,l) \ l \ list(A)" +apply (insert list_replacement1) +apply (simp add: mem_list_def list_N_def relation1_def list_eq_Union + iterates_closed [of "is_list_functor(M,A)"]) +done + +lemma (in M_datatypes) list_abs [simp]: + "[|M(A); M(Z)|] ==> is_list(M,A,Z) \ Z = list(A)" +apply (simp add: is_list_def, safe) +apply (rule M_equalityI, simp_all) +done + +subsubsection\Absoluteness of Formulas\ + +lemma (in M_datatypes) formula_replacement2': + "strong_replacement(M, \n y. n\nat & y = (\X. ((nat*nat) + (nat*nat)) + (X*X + X))^n (0))" +apply (insert formula_replacement2) +apply (rule strong_replacement_cong [THEN iffD1]) +apply (rule conj_cong [OF iff_refl iterates_abs [of "is_formula_functor(M)"]]) +apply (simp_all add: formula_replacement1 relation1_def) +done + +lemma (in M_datatypes) formula_closed [intro,simp]: + "M(formula)" +apply (insert formula_replacement1) +apply (simp add: RepFun_closed2 formula_eq_Union + formula_replacement2' relation1_def + iterates_closed [of "is_formula_functor(M)"]) +done + +lemmas (in M_datatypes) formula_into_M = transM [OF _ formula_closed] + +lemma (in M_datatypes) formula_N_abs [simp]: + "[|n\nat; M(Z)|] + ==> is_formula_N(M,n,Z) \ Z = formula_N(n)" +apply (insert formula_replacement1) +apply (simp add: is_formula_N_def formula_N_def relation1_def nat_into_M + iterates_abs [of "is_formula_functor(M)" _ + "\X. ((nat*nat) + (nat*nat)) + (X*X + X)"]) +done + +lemma (in M_datatypes) formula_N_closed [intro,simp]: + "n\nat ==> M(formula_N(n))" +apply (insert formula_replacement1) +apply (simp add: is_formula_N_def formula_N_def relation1_def nat_into_M + iterates_closed [of "is_formula_functor(M)"]) +done + +lemma (in M_datatypes) mem_formula_abs [simp]: + "mem_formula(M,l) \ l \ formula" +apply (insert formula_replacement1) +apply (simp add: mem_formula_def relation1_def formula_eq_Union formula_N_def + iterates_closed [of "is_formula_functor(M)"]) +done + +lemma (in M_datatypes) formula_abs [simp]: + "[|M(Z)|] ==> is_formula(M,Z) \ Z = formula" +apply (simp add: is_formula_def, safe) +apply (rule M_equalityI, simp_all) +done + + + +lemma (in M_datatypes) length_abs [simp]: + "[|M(A); l \ list(A); n \ nat|] ==> is_length(M,A,l,n) \ n = length(l)" +apply (subgoal_tac "M(l) & M(n)") + prefer 2 apply (blast dest: transM) +apply (simp add: is_length_def) +apply (blast intro: list_imp_list_N nat_into_Ord list_N_imp_eq_length + dest: list_N_imp_length_lt) +done + + + +definition + is_nth :: "[i=>o,i,i,i] => o" where + "is_nth(M,n,l,Z) == + \X[M]. is_iterates(M, is_tl(M), l, n, X) & is_hd(M,X,Z)" + +lemma (in M_datatypes) nth_abs [simp]: + "[|M(A); n \ nat; l \ list(A); M(Z)|] + ==> is_nth(M,n,l,Z) \ Z = nth(n,l)" +apply (subgoal_tac "M(l)") + prefer 2 apply (blast intro: transM) +apply (simp add: is_nth_def nth_eq_hd_iterates_tl nat_into_M + tl'_closed iterates_tl'_closed + iterates_abs [OF _ relation1_tl] nth_replacement) +done + + + +lemma (in M_datatypes) depth_abs [simp]: + "[|p \ formula; n \ nat|] ==> is_depth(M,p,n) \ n = depth(p)" +apply (subgoal_tac "M(p) & M(n)") + prefer 2 apply (blast dest: transM) +apply (simp add: is_depth_def) +apply (blast intro: formula_imp_formula_N nat_into_Ord formula_N_imp_eq_depth + dest: formula_N_imp_depth_lt) +done + + +subsubsection\\<^term>\is_formula_case\: relativization of \<^term>\formula_case\\ + +definition + is_formula_case :: + "[i=>o, [i,i,i]=>o, [i,i,i]=>o, [i,i,i]=>o, [i,i]=>o, i, i] => o" where + \ \no constraint on non-formulas\ + "is_formula_case(M, is_a, is_b, is_c, is_d, p, z) == + (\x[M]. \y[M]. finite_ordinal(M,x) \ finite_ordinal(M,y) \ + is_Member(M,x,y,p) \ is_a(x,y,z)) & + (\x[M]. \y[M]. finite_ordinal(M,x) \ finite_ordinal(M,y) \ + is_Equal(M,x,y,p) \ is_b(x,y,z)) & + (\x[M]. \y[M]. mem_formula(M,x) \ mem_formula(M,y) \ + is_Nand(M,x,y,p) \ is_c(x,y,z)) & + (\x[M]. mem_formula(M,x) \ is_Forall(M,x,p) \ is_d(x,z))" + +lemma (in M_datatypes) formula_case_abs [simp]: + "[| Relation2(M,nat,nat,is_a,a); Relation2(M,nat,nat,is_b,b); + Relation2(M,formula,formula,is_c,c); Relation1(M,formula,is_d,d); + p \ formula; M(z) |] + ==> is_formula_case(M,is_a,is_b,is_c,is_d,p,z) \ + z = formula_case(a,b,c,d,p)" +apply (simp add: formula_into_M is_formula_case_def) +apply (erule formula.cases) + apply (simp_all add: Relation1_def Relation2_def) +done + +lemma (in M_datatypes) formula_case_closed [intro,simp]: + "[|p \ formula; + \x[M]. \y[M]. x\nat \ y\nat \ M(a(x,y)); + \x[M]. \y[M]. x\nat \ y\nat \ M(b(x,y)); + \x[M]. \y[M]. x\formula \ y\formula \ M(c(x,y)); + \x[M]. x\formula \ M(d(x))|] ==> M(formula_case(a,b,c,d,p))" +by (erule formula.cases, simp_all) + + +subsubsection \Absoluteness for \<^term>\formula_rec\: Final Results\ + +definition + is_formula_rec :: "[i=>o, [i,i,i]=>o, i, i] => o" where + \ \predicate to relativize the functional \<^term>\formula_rec\\ + "is_formula_rec(M,MH,p,z) == + \dp[M]. \i[M]. \f[M]. finite_ordinal(M,dp) & is_depth(M,p,dp) & + successor(M,dp,i) & fun_apply(M,f,p,z) & is_transrec(M,MH,i,f)" + + +text\Sufficient conditions to relativize the instance of \<^term>\formula_case\ + in \<^term>\formula_rec\\ +lemma (in M_datatypes) Relation1_formula_rec_case: + "[|Relation2(M, nat, nat, is_a, a); + Relation2(M, nat, nat, is_b, b); + Relation2 (M, formula, formula, + is_c, \u v. c(u, v, h`succ(depth(u))`u, h`succ(depth(v))`v)); + Relation1(M, formula, + is_d, \u. d(u, h ` succ(depth(u)) ` u)); + M(h) |] + ==> Relation1(M, formula, + is_formula_case (M, is_a, is_b, is_c, is_d), + formula_rec_case(a, b, c, d, h))" +apply (simp (no_asm) add: formula_rec_case_def Relation1_def) +apply (simp) +done + + +text\This locale packages the premises of the following theorems, + which is the normal purpose of locales. It doesn't accumulate + constraints on the class \<^term>\M\, as in most of this development.\ +locale Formula_Rec = M_eclose + M_datatypes + + fixes a and is_a and b and is_b and c and is_c and d and is_d and MH + defines + "MH(u::i,f,z) == + \fml[M]. is_formula(M,fml) \ + is_lambda + (M, fml, is_formula_case (M, is_a, is_b, is_c(f), is_d(f)), z)" + + assumes a_closed: "[|x\nat; y\nat|] ==> M(a(x,y))" + and a_rel: "Relation2(M, nat, nat, is_a, a)" + and b_closed: "[|x\nat; y\nat|] ==> M(b(x,y))" + and b_rel: "Relation2(M, nat, nat, is_b, b)" + and c_closed: "[|x \ formula; y \ formula; M(gx); M(gy)|] + ==> M(c(x, y, gx, gy))" + and c_rel: + "M(f) ==> + Relation2 (M, formula, formula, is_c(f), + \u v. c(u, v, f ` succ(depth(u)) ` u, f ` succ(depth(v)) ` v))" + and d_closed: "[|x \ formula; M(gx)|] ==> M(d(x, gx))" + and d_rel: + "M(f) ==> + Relation1(M, formula, is_d(f), \u. d(u, f ` succ(depth(u)) ` u))" + and fr_replace: "n \ nat ==> transrec_replacement(M,MH,n)" + and fr_lam_replace: + "M(g) ==> + strong_replacement + (M, \x y. x \ formula & + y = \x, formula_rec_case(a,b,c,d,g,x)\)" + +lemma (in Formula_Rec) formula_rec_case_closed: + "[|M(g); p \ formula|] ==> M(formula_rec_case(a, b, c, d, g, p))" +by (simp add: formula_rec_case_def a_closed b_closed c_closed d_closed) + +lemma (in Formula_Rec) formula_rec_lam_closed: + "M(g) ==> M(Lambda (formula, formula_rec_case(a,b,c,d,g)))" +by (simp add: lam_closed2 fr_lam_replace formula_rec_case_closed) + +lemma (in Formula_Rec) MH_rel2: + "relation2 (M, MH, + \x h. Lambda (formula, formula_rec_case(a,b,c,d,h)))" +apply (simp add: relation2_def MH_def, clarify) +apply (rule lambda_abs2) +apply (rule Relation1_formula_rec_case) +apply (simp_all add: a_rel b_rel c_rel d_rel formula_rec_case_closed) +done + +lemma (in Formula_Rec) fr_transrec_closed: + "n \ nat + ==> M(transrec + (n, \x h. Lambda(formula, formula_rec_case(a, b, c, d, h))))" +by (simp add: transrec_closed [OF fr_replace MH_rel2] + nat_into_M formula_rec_lam_closed) + +text\The main two results: \<^term>\formula_rec\ is absolute for \<^term>\M\.\ +theorem (in Formula_Rec) formula_rec_closed: + "p \ formula ==> M(formula_rec(a,b,c,d,p))" +by (simp add: formula_rec_eq fr_transrec_closed + transM [OF _ formula_closed]) + +theorem (in Formula_Rec) formula_rec_abs: + "[| p \ formula; M(z)|] + ==> is_formula_rec(M,MH,p,z) \ z = formula_rec(a,b,c,d,p)" +by (simp add: is_formula_rec_def formula_rec_eq transM [OF _ formula_closed] + transrec_abs [OF fr_replace MH_rel2] depth_type + fr_transrec_closed formula_rec_lam_closed eq_commute) + + +end diff --git a/thys/Transitive_Models/Eclose_Absolute.thy b/thys/Transitive_Models/Eclose_Absolute.thy new file mode 100644 --- /dev/null +++ b/thys/Transitive_Models/Eclose_Absolute.thy @@ -0,0 +1,740 @@ +(* Title: ZF/Constructible/Datatype_absolute.thy + Author: Lawrence C Paulson, Cambridge University Computer Laboratory +*) + +section \Absoluteness Properties for Recursive Datatypes\ + +theory Eclose_Absolute imports "ZF-Constructible.Formula" "ZF-Constructible.WF_absolute" begin + + +subsection\The lfp of a continuous function can be expressed as a union\ + +definition + directed :: "i=>o" where + "directed(A) == A\0 & (\x\A. \y\A. x \ y \ A)" + +definition + contin :: "(i=>i) => o" where + "contin(h) == (\A. directed(A) \ h(\A) = (\X\A. h(X)))" + +lemma bnd_mono_iterates_subset: "[|bnd_mono(D, h); n \ nat|] ==> h^n (0) \ D" +apply (induct_tac n) + apply (simp_all add: bnd_mono_def, blast) +done + +lemma bnd_mono_increasing [rule_format]: + "[|i \ nat; j \ nat; bnd_mono(D,h)|] ==> i \ j \ h^i(0) \ h^j(0)" +apply (rule_tac m=i and n=j in diff_induct, simp_all) +apply (blast del: subsetI + intro: bnd_mono_iterates_subset bnd_monoD2 [of concl: h]) +done + +lemma directed_iterates: "bnd_mono(D,h) ==> directed({h^n (0). n\nat})" +apply (simp add: directed_def, clarify) +apply (rename_tac i j) +apply (rule_tac x="i \ j" in bexI) +apply (rule_tac i = i and j = j in Ord_linear_le) +apply (simp_all add: subset_Un_iff [THEN iffD1] le_imp_subset + subset_Un_iff2 [THEN iffD1]) +apply (simp_all add: subset_Un_iff [THEN iff_sym] bnd_mono_increasing + subset_Un_iff2 [THEN iff_sym]) +done + + +lemma contin_iterates_eq: + "[|bnd_mono(D, h); contin(h)|] + ==> h(\n\nat. h^n (0)) = (\n\nat. h^n (0))" +apply (simp add: contin_def directed_iterates) +apply (rule trans) +apply (rule equalityI) + apply (simp_all add: UN_subset_iff) + apply safe + apply (erule_tac [2] natE) + apply (rule_tac a="succ(x)" in UN_I) + apply simp_all +apply blast +done + +lemma lfp_subset_Union: + "[|bnd_mono(D, h); contin(h)|] ==> lfp(D,h) \ (\n\nat. h^n(0))" +apply (rule lfp_lowerbound) + apply (simp add: contin_iterates_eq) +apply (simp add: contin_def bnd_mono_iterates_subset UN_subset_iff) +done + +lemma Union_subset_lfp: + "bnd_mono(D,h) ==> (\n\nat. h^n(0)) \ lfp(D,h)" +apply (simp add: UN_subset_iff) +apply (rule ballI) +apply (induct_tac n, simp_all) +apply (rule subset_trans [of _ "h(lfp(D,h))"]) + apply (blast dest: bnd_monoD2 [OF _ _ lfp_subset]) +apply (erule lfp_lemma2) +done + +lemma lfp_eq_Union: + "[|bnd_mono(D, h); contin(h)|] ==> lfp(D,h) = (\n\nat. h^n(0))" +by (blast del: subsetI + intro: lfp_subset_Union Union_subset_lfp) + + +subsubsection\Some Standard Datatype Constructions Preserve Continuity\ + +lemma contin_imp_mono: "[|X\Y; contin(F)|] ==> F(X) \ F(Y)" +apply (simp add: contin_def) +apply (drule_tac x="{X,Y}" in spec) +apply (simp add: directed_def subset_Un_iff2 Un_commute) +done + +lemma sum_contin: "[|contin(F); contin(G)|] ==> contin(\X. F(X) + G(X))" +by (simp add: contin_def, blast) + +lemma prod_contin: "[|contin(F); contin(G)|] ==> contin(\X. F(X) * G(X))" +apply (subgoal_tac "\B C. F(B) \ F(B \ C)") + prefer 2 apply (simp add: Un_upper1 contin_imp_mono) +apply (subgoal_tac "\B C. G(C) \ G(B \ C)") + prefer 2 apply (simp add: Un_upper2 contin_imp_mono) +apply (simp add: contin_def, clarify) +apply (rule equalityI) + prefer 2 apply blast +apply clarify +apply (rename_tac B C) +apply (rule_tac a="B \ C" in UN_I) + apply (simp add: directed_def, blast) +done + +lemma const_contin: "contin(\X. A)" +by (simp add: contin_def directed_def) + +lemma id_contin: "contin(\X. X)" +by (simp add: contin_def) + + + +subsection \Absoluteness for "Iterates"\ + +definition + iterates_MH :: "[i=>o, [i,i]=>o, i, i, i, i] => o" where + "iterates_MH(M,isF,v,n,g,z) == + is_nat_case(M, v, \m u. \gm[M]. fun_apply(M,g,m,gm) & isF(gm,u), + n, z)" + +definition + is_iterates :: "[i=>o, [i,i]=>o, i, i, i] => o" where + "is_iterates(M,isF,v,n,Z) == + \sn[M]. \msn[M]. successor(M,n,sn) & membership(M,sn,msn) & + is_wfrec(M, iterates_MH(M,isF,v), msn, n, Z)" + +definition + iterates_replacement :: "[i=>o, [i,i]=>o, i] => o" where + "iterates_replacement(M,isF,v) == + \n[M]. n\nat \ + wfrec_replacement(M, iterates_MH(M,isF,v), Memrel(succ(n)))" + +lemma (in M_basic) iterates_MH_abs: + "[| relation1(M,isF,F); M(n); M(g); M(z) |] + ==> iterates_MH(M,isF,v,n,g,z) \ z = nat_case(v, \m. F(g`m), n)" +by (simp add: nat_case_abs [of _ "\m. F(g ` m)"] + relation1_def iterates_MH_def) + +lemma (in M_trancl) iterates_imp_wfrec_replacement: + "[|relation1(M,isF,F); n \ nat; iterates_replacement(M,isF,v)|] + ==> wfrec_replacement(M, \n f z. z = nat_case(v, \m. F(f`m), n), + Memrel(succ(n)))" +by (simp add: iterates_replacement_def iterates_MH_abs) + +theorem (in M_trancl) iterates_abs: + "[| iterates_replacement(M,isF,v); relation1(M,isF,F); + n \ nat; M(v); M(z); \x[M]. M(F(x)) |] + ==> is_iterates(M,isF,v,n,z) \ z = iterates(F,n,v)" +apply (frule iterates_imp_wfrec_replacement, assumption+) +apply (simp add: wf_Memrel trans_Memrel relation_Memrel + is_iterates_def relation2_def iterates_MH_abs + iterates_nat_def recursor_def transrec_def + eclose_sing_Ord_eq nat_into_M + trans_wfrec_abs [of _ _ _ _ "\n g. nat_case(v, \m. F(g`m), n)"]) +done + + +lemma (in M_trancl) iterates_closed [intro,simp]: + "[| iterates_replacement(M,isF,v); relation1(M,isF,F); + n \ nat; M(v); \x[M]. M(F(x)) |] + ==> M(iterates(F,n,v))" +apply (frule iterates_imp_wfrec_replacement, assumption+) +apply (simp add: wf_Memrel trans_Memrel relation_Memrel + relation2_def iterates_MH_abs + iterates_nat_def recursor_def transrec_def + eclose_sing_Ord_eq nat_into_M + trans_wfrec_closed [of _ _ _ "\n g. nat_case(v, \m. F(g`m), n)"]) +done + + +subsection \lists without univ\ + +lemmas datatype_univs = Inl_in_univ Inr_in_univ + Pair_in_univ nat_into_univ A_into_univ + +lemma list_fun_bnd_mono: "bnd_mono(univ(A), \X. {0} + A*X)" +apply (rule bnd_monoI) + apply (intro subset_refl zero_subset_univ A_subset_univ + sum_subset_univ Sigma_subset_univ) +apply (rule subset_refl sum_mono Sigma_mono | assumption)+ +done + +lemma list_fun_contin: "contin(\X. {0} + A*X)" +by (intro sum_contin prod_contin id_contin const_contin) + +text\Re-expresses lists using sum and product\ +lemma list_eq_lfp2: "list(A) = lfp(univ(A), \X. {0} + A*X)" +apply (simp add: list_def) +apply (rule equalityI) + apply (rule lfp_lowerbound) + prefer 2 apply (rule lfp_subset) + apply (clarify, subst lfp_unfold [OF list_fun_bnd_mono]) + apply (simp add: Nil_def Cons_def) + apply blast +txt\Opposite inclusion\ +apply (rule lfp_lowerbound) + prefer 2 apply (rule lfp_subset) +apply (clarify, subst lfp_unfold [OF list.bnd_mono]) +apply (simp add: Nil_def Cons_def) +apply (blast intro: datatype_univs + dest: lfp_subset [THEN subsetD]) +done + +text\Re-expresses lists using "iterates", no univ.\ +lemma list_eq_Union: + "list(A) = (\n\nat. (\X. {0} + A*X) ^ n (0))" +by (simp add: list_eq_lfp2 lfp_eq_Union list_fun_bnd_mono list_fun_contin) + + +definition + is_list_functor :: "[i=>o,i,i,i] => o" where + "is_list_functor(M,A,X,Z) == + \n1[M]. \AX[M]. + number1(M,n1) & cartprod(M,A,X,AX) & is_sum(M,n1,AX,Z)" + +lemma (in M_basic) list_functor_abs [simp]: + "[| M(A); M(X); M(Z) |] ==> is_list_functor(M,A,X,Z) \ (Z = {0} + A*X)" +by (simp add: is_list_functor_def singleton_0 nat_into_M) + + +subsection \formulas without univ\ + +lemma formula_fun_bnd_mono: + "bnd_mono(univ(0), \X. ((nat*nat) + (nat*nat)) + (X*X + X))" +apply (rule bnd_monoI) + apply (intro subset_refl zero_subset_univ A_subset_univ + sum_subset_univ Sigma_subset_univ nat_subset_univ) +apply (rule subset_refl sum_mono Sigma_mono | assumption)+ +done + +lemma formula_fun_contin: + "contin(\X. ((nat*nat) + (nat*nat)) + (X*X + X))" +by (intro sum_contin prod_contin id_contin const_contin) + + +text\Re-expresses formulas using sum and product\ +lemma formula_eq_lfp2: + "formula = lfp(univ(0), \X. ((nat*nat) + (nat*nat)) + (X*X + X))" +apply (simp add: formula_def) +apply (rule equalityI) + apply (rule lfp_lowerbound) + prefer 2 apply (rule lfp_subset) + apply (clarify, subst lfp_unfold [OF formula_fun_bnd_mono]) + apply (simp add: Member_def Equal_def Nand_def Forall_def) + apply blast +txt\Opposite inclusion\ +apply (rule lfp_lowerbound) + prefer 2 apply (rule lfp_subset, clarify) +apply (subst lfp_unfold [OF formula.bnd_mono, simplified]) +apply (simp add: Member_def Equal_def Nand_def Forall_def) +apply (elim sumE SigmaE, simp_all) +apply (blast intro: datatype_univs dest: lfp_subset [THEN subsetD])+ +done + +text\Re-expresses formulas using "iterates", no univ.\ +lemma formula_eq_Union: + "formula = + (\n\nat. (\X. ((nat*nat) + (nat*nat)) + (X*X + X)) ^ n (0))" +by (simp add: formula_eq_lfp2 lfp_eq_Union formula_fun_bnd_mono + formula_fun_contin) + + +definition + is_formula_functor :: "[i=>o,i,i] => o" where + "is_formula_functor(M,X,Z) == + \nat'[M]. \natnat[M]. \natnatsum[M]. \XX[M]. \X3[M]. + omega(M,nat') & cartprod(M,nat',nat',natnat) & + is_sum(M,natnat,natnat,natnatsum) & + cartprod(M,X,X,XX) & is_sum(M,XX,X,X3) & + is_sum(M,natnatsum,X3,Z)" + +lemma (in M_trancl) formula_functor_abs [simp]: + "[| M(X); M(Z) |] + ==> is_formula_functor(M,X,Z) \ + Z = ((nat*nat) + (nat*nat)) + (X*X + X)" +by (simp add: is_formula_functor_def) + + +subsection\\<^term>\M\ Contains the List and Formula Datatypes\ + +definition + list_N :: "[i,i] => i" where + "list_N(A,n) == (\X. {0} + A * X)^n (0)" + +lemma Nil_in_list_N [simp]: "[] \ list_N(A,succ(n))" +by (simp add: list_N_def Nil_def) + +lemma Cons_in_list_N [simp]: + "Cons(a,l) \ list_N(A,succ(n)) \ a\A & l \ list_N(A,n)" +by (simp add: list_N_def Cons_def) + +text\These two aren't simprules because they reveal the underlying +list representation.\ +lemma list_N_0: "list_N(A,0) = 0" +by (simp add: list_N_def) + +lemma list_N_succ: "list_N(A,succ(n)) = {0} + A * (list_N(A,n))" +by (simp add: list_N_def) + +lemma list_N_imp_list: + "[| l \ list_N(A,n); n \ nat |] ==> l \ list(A)" +by (force simp add: list_eq_Union list_N_def) + +lemma list_N_imp_length_lt [rule_format]: + "n \ nat ==> \l \ list_N(A,n). length(l) < n" +apply (induct_tac n) +apply (auto simp add: list_N_0 list_N_succ + Nil_def [symmetric] Cons_def [symmetric]) +done + +lemma list_imp_list_N [rule_format]: + "l \ list(A) ==> \n\nat. length(l) < n \ l \ list_N(A, n)" +apply (induct_tac l) +apply (force elim: natE)+ +done + +lemma list_N_imp_eq_length: + "[|n \ nat; l \ list_N(A, n); l \ list_N(A, succ(n))|] + ==> n = length(l)" +apply (rule le_anti_sym) + prefer 2 apply (simp add: list_N_imp_length_lt) +apply (frule list_N_imp_list, simp) +apply (simp add: not_lt_iff_le [symmetric]) +apply (blast intro: list_imp_list_N) +done + +text\Express \<^term>\list_rec\ without using \<^term>\rank\ or \<^term>\Vset\, +neither of which is absolute.\ +lemma (in M_trivial) list_rec_eq: + "l \ list(A) ==> + list_rec(a,g,l) = + transrec (succ(length(l)), + \x h. Lambda (list(A), + list_case' (a, + \a l. g(a, l, h ` succ(length(l)) ` l)))) ` l" +apply (induct_tac l) +apply (subst transrec, simp) +apply (subst transrec) +apply (simp add: list_imp_list_N) +done + +definition + is_list_N :: "[i=>o,i,i,i] => o" where + "is_list_N(M,A,n,Z) == + \zero[M]. empty(M,zero) & + is_iterates(M, is_list_functor(M,A), zero, n, Z)" + +definition + mem_list :: "[i=>o,i,i] => o" where + "mem_list(M,A,l) == + \n[M]. \listn[M]. + finite_ordinal(M,n) & is_list_N(M,A,n,listn) & l \ listn" + +definition + is_list :: "[i=>o,i,i] => o" where + "is_list(M,A,Z) == \l[M]. l \ Z \ mem_list(M,A,l)" + +subsubsection\Towards Absoluteness of \<^term>\formula_rec\\ + +consts depth :: "i=>i" +primrec + "depth(Member(x,y)) = 0" + "depth(Equal(x,y)) = 0" + "depth(Nand(p,q)) = succ(depth(p) \ depth(q))" + "depth(Forall(p)) = succ(depth(p))" + +lemma depth_type [TC]: "p \ formula ==> depth(p) \ nat" +by (induct_tac p, simp_all) + + +definition + formula_N :: "i => i" where + "formula_N(n) == (\X. ((nat*nat) + (nat*nat)) + (X*X + X)) ^ n (0)" + +lemma Member_in_formula_N [simp]: + "Member(x,y) \ formula_N(succ(n)) \ x \ nat & y \ nat" +by (simp add: formula_N_def Member_def) + +lemma Equal_in_formula_N [simp]: + "Equal(x,y) \ formula_N(succ(n)) \ x \ nat & y \ nat" +by (simp add: formula_N_def Equal_def) + +lemma Nand_in_formula_N [simp]: + "Nand(x,y) \ formula_N(succ(n)) \ x \ formula_N(n) & y \ formula_N(n)" +by (simp add: formula_N_def Nand_def) + +lemma Forall_in_formula_N [simp]: + "Forall(x) \ formula_N(succ(n)) \ x \ formula_N(n)" +by (simp add: formula_N_def Forall_def) + +text\These two aren't simprules because they reveal the underlying +formula representation.\ +lemma formula_N_0: "formula_N(0) = 0" +by (simp add: formula_N_def) + +lemma formula_N_succ: + "formula_N(succ(n)) = + ((nat*nat) + (nat*nat)) + (formula_N(n) * formula_N(n) + formula_N(n))" +by (simp add: formula_N_def) + +lemma formula_N_imp_formula: + "[| p \ formula_N(n); n \ nat |] ==> p \ formula" +by (force simp add: formula_eq_Union formula_N_def) + +lemma formula_N_imp_depth_lt [rule_format]: + "n \ nat ==> \p \ formula_N(n). depth(p) < n" +apply (induct_tac n) +apply (auto simp add: formula_N_0 formula_N_succ + depth_type formula_N_imp_formula Un_least_lt_iff + Member_def [symmetric] Equal_def [symmetric] + Nand_def [symmetric] Forall_def [symmetric]) +done + +lemma formula_imp_formula_N [rule_format]: + "p \ formula ==> \n\nat. depth(p) < n \ p \ formula_N(n)" +apply (induct_tac p) +apply (simp_all add: succ_Un_distrib Un_least_lt_iff) +apply (force elim: natE)+ +done + +lemma formula_N_imp_eq_depth: + "[|n \ nat; p \ formula_N(n); p \ formula_N(succ(n))|] + ==> n = depth(p)" +apply (rule le_anti_sym) + prefer 2 apply (simp add: formula_N_imp_depth_lt) +apply (frule formula_N_imp_formula, simp) +apply (simp add: not_lt_iff_le [symmetric]) +apply (blast intro: formula_imp_formula_N) +done + + +text\This result and the next are unused.\ +lemma formula_N_mono [rule_format]: + "[| m \ nat; n \ nat |] ==> m\n \ formula_N(m) \ formula_N(n)" +apply (rule_tac m = m and n = n in diff_induct) +apply (simp_all add: formula_N_0 formula_N_succ, blast) +done + +lemma formula_N_distrib: + "[| m \ nat; n \ nat |] ==> formula_N(m \ n) = formula_N(m) \ formula_N(n)" +apply (rule_tac i = m and j = n in Ord_linear_le, auto) +apply (simp_all add: subset_Un_iff [THEN iffD1] subset_Un_iff2 [THEN iffD1] + le_imp_subset formula_N_mono) +done + +definition + is_formula_N :: "[i=>o,i,i] => o" where + "is_formula_N(M,n,Z) == + \zero[M]. empty(M,zero) & + is_iterates(M, is_formula_functor(M), zero, n, Z)" + + +definition + mem_formula :: "[i=>o,i] => o" where + "mem_formula(M,p) == + \n[M]. \formn[M]. + finite_ordinal(M,n) & is_formula_N(M,n,formn) & p \ formn" + +definition + is_formula :: "[i=>o,i] => o" where + "is_formula(M,Z) == \p[M]. p \ Z \ mem_formula(M,p)" + +subsubsection\Absoluteness of the List Construction\ + + +subsubsection\Absoluteness of Formulas\ + + +subsection\Absoluteness for \\\-Closure: the \<^term>\eclose\ Operator\ + +text\Re-expresses eclose using "iterates"\ +lemma eclose_eq_Union: + "eclose(A) = (\n\nat. Union^n (A))" +apply (simp add: eclose_def) +apply (rule UN_cong) +apply (rule refl) +apply (induct_tac n) +apply (simp add: nat_rec_0) +apply (simp add: nat_rec_succ) +done + +definition + is_eclose_n :: "[i=>o,i,i,i] => o" where + "is_eclose_n(M,A,n,Z) == is_iterates(M, big_union(M), A, n, Z)" + +definition + mem_eclose :: "[i=>o,i,i] => o" where + "mem_eclose(M,A,l) == + \n[M]. \eclosen[M]. + finite_ordinal(M,n) & is_eclose_n(M,A,n,eclosen) & l \ eclosen" + +definition + is_eclose :: "[i=>o,i,i] => o" where + "is_eclose(M,A,Z) == \u[M]. u \ Z \ mem_eclose(M,A,u)" + + +locale M_eclose = M_trancl + + assumes eclose_replacement1: + "M(A) ==> iterates_replacement(M, big_union(M), A)" + and eclose_replacement2: + "M(A) ==> strong_replacement(M, + \n y. n\nat & is_iterates(M, big_union(M), A, n, y))" + +lemma (in M_eclose) eclose_replacement2': + "M(A) ==> strong_replacement(M, \n y. n\nat & y = Union^n (A))" +apply (insert eclose_replacement2 [of A]) +apply (rule strong_replacement_cong [THEN iffD1]) +apply (rule conj_cong [OF iff_refl iterates_abs [of "big_union(M)"]]) +apply (simp_all add: eclose_replacement1 relation1_def) +done + +lemma (in M_eclose) eclose_closed [intro,simp]: + "M(A) ==> M(eclose(A))" +apply (insert eclose_replacement1) +by (simp add: RepFun_closed2 eclose_eq_Union + eclose_replacement2' relation1_def + iterates_closed [of "big_union(M)"]) + +lemma (in M_eclose) is_eclose_n_abs [simp]: + "[|M(A); n\nat; M(Z)|] ==> is_eclose_n(M,A,n,Z) \ Z = Union^n (A)" +apply (insert eclose_replacement1) +apply (simp add: is_eclose_n_def relation1_def nat_into_M + iterates_abs [of "big_union(M)" _ "Union"]) +done + +lemma (in M_eclose) mem_eclose_abs [simp]: + "M(A) ==> mem_eclose(M,A,l) \ l \ eclose(A)" +apply (insert eclose_replacement1) +apply (simp add: mem_eclose_def relation1_def eclose_eq_Union + iterates_closed [of "big_union(M)"]) +done + +lemma (in M_eclose) eclose_abs [simp]: + "[|M(A); M(Z)|] ==> is_eclose(M,A,Z) \ Z = eclose(A)" +apply (simp add: is_eclose_def, safe) +apply (rule M_equalityI, simp_all) +done + + +subsection \Absoluteness for \<^term>\transrec\\ + +text\\<^prop>\transrec(a,H) \ wfrec(Memrel(eclose({a})), a, H)\\ + +definition + is_transrec :: "[i=>o, [i,i,i]=>o, i, i] => o" where + "is_transrec(M,MH,a,z) == + \sa[M]. \esa[M]. \mesa[M]. + upair(M,a,a,sa) & is_eclose(M,sa,esa) & membership(M,esa,mesa) & + is_wfrec(M,MH,mesa,a,z)" + +definition + transrec_replacement :: "[i=>o, [i,i,i]=>o, i] => o" where + "transrec_replacement(M,MH,a) == + \sa[M]. \esa[M]. \mesa[M]. + upair(M,a,a,sa) & is_eclose(M,sa,esa) & membership(M,esa,mesa) & + wfrec_replacement(M,MH,mesa)" + +text\The condition \<^term>\Ord(i)\ lets us use the simpler + \trans_wfrec_abs\ rather than \trans_wfrec_abs\, + which I haven't even proved yet.\ +theorem (in M_eclose) transrec_abs: + "[|transrec_replacement(M,MH,i); relation2(M,MH,H); + Ord(i); M(i); M(z); + \x[M]. \g[M]. function(g) \ M(H(x,g))|] + ==> is_transrec(M,MH,i,z) \ z = transrec(i,H)" +by (simp add: trans_wfrec_abs transrec_replacement_def is_transrec_def + transrec_def eclose_sing_Ord_eq wf_Memrel trans_Memrel relation_Memrel) + + +theorem (in M_eclose) transrec_closed: + "[|transrec_replacement(M,MH,i); relation2(M,MH,H); + Ord(i); M(i); + \x[M]. \g[M]. function(g) \ M(H(x,g))|] + ==> M(transrec(i,H))" +by (simp add: trans_wfrec_closed transrec_replacement_def is_transrec_def + transrec_def eclose_sing_Ord_eq wf_Memrel trans_Memrel relation_Memrel) + + +text\Helps to prove instances of \<^term>\transrec_replacement\\ +lemma (in M_eclose) transrec_replacementI: + "[|M(a); + strong_replacement (M, + \x z. \y[M]. pair(M, x, y, z) & + is_wfrec(M,MH,Memrel(eclose({a})),x,y))|] + ==> transrec_replacement(M,MH,a)" +by (simp add: transrec_replacement_def wfrec_replacement_def) + + +subsection\Absoluteness for the List Operator \<^term>\length\\ +text\But it is never used.\ + +definition + is_length :: "[i=>o,i,i,i] => o" where + "is_length(M,A,l,n) == + \sn[M]. \list_n[M]. \list_sn[M]. + is_list_N(M,A,n,list_n) & l \ list_n & + successor(M,n,sn) & is_list_N(M,A,sn,list_sn) & l \ list_sn" + + +text\Proof is trivial since \<^term>\length\ returns natural numbers.\ +lemma (in M_trivial) length_closed [intro,simp]: + "l \ list(A) ==> M(length(l))" +by (simp add: nat_into_M) + + +subsection \Absoluteness for the List Operator \<^term>\nth\\ + +lemma nth_eq_hd_iterates_tl [rule_format]: + "xs \ list(A) ==> \n \ nat. nth(n,xs) = hd' (tl'^n (xs))" +apply (induct_tac xs) +apply (simp add: iterates_tl_Nil hd'_Nil, clarify) +apply (erule natE) +apply (simp add: hd'_Cons) +apply (simp add: tl'_Cons iterates_commute) +done + +lemma (in M_basic) iterates_tl'_closed: + "[|n \ nat; M(x)|] ==> M(tl'^n (x))" +apply (induct_tac n, simp) +apply (simp add: tl'_Cons tl'_closed) +done + +text\Immediate by type-checking\ +lemma (in M_trancl) nth_closed [intro,simp]: + "[|xs \ list(A); n \ nat; M(A)|] ==> M(nth(n,xs))" +apply (case_tac "n < length(xs)") + apply (blast intro: nth_type transM) +apply (simp add: not_lt_iff_le nth_eq_0) +done + +subsection\Relativization and Absoluteness for the \<^term>\formula\ Constructors\ + +definition + is_Member :: "[i=>o,i,i,i] => o" where + \ \because \<^term>\Member(x,y) \ Inl(Inl(\x,y\))\\ + "is_Member(M,x,y,Z) == + \p[M]. \u[M]. pair(M,x,y,p) & is_Inl(M,p,u) & is_Inl(M,u,Z)" + +lemma (in M_trivial) Member_abs [simp]: + "[|M(x); M(y); M(Z)|] ==> is_Member(M,x,y,Z) \ (Z = Member(x,y))" +by (simp add: is_Member_def Member_def) + +lemma (in M_trivial) Member_in_M_iff [iff]: + "M(Member(x,y)) \ M(x) & M(y)" +by (simp add: Member_def) + +definition + is_Equal :: "[i=>o,i,i,i] => o" where + \ \because \<^term>\Equal(x,y) \ Inl(Inr(\x,y\))\\ + "is_Equal(M,x,y,Z) == + \p[M]. \u[M]. pair(M,x,y,p) & is_Inr(M,p,u) & is_Inl(M,u,Z)" + +lemma (in M_trivial) Equal_abs [simp]: + "[|M(x); M(y); M(Z)|] ==> is_Equal(M,x,y,Z) \ (Z = Equal(x,y))" +by (simp add: is_Equal_def Equal_def) + +lemma (in M_trivial) Equal_in_M_iff [iff]: "M(Equal(x,y)) \ M(x) & M(y)" +by (simp add: Equal_def) + +definition + is_Nand :: "[i=>o,i,i,i] => o" where + \ \because \<^term>\Nand(x,y) \ Inr(Inl(\x,y\))\\ + "is_Nand(M,x,y,Z) == + \p[M]. \u[M]. pair(M,x,y,p) & is_Inl(M,p,u) & is_Inr(M,u,Z)" + +lemma (in M_trivial) Nand_abs [simp]: + "[|M(x); M(y); M(Z)|] ==> is_Nand(M,x,y,Z) \ (Z = Nand(x,y))" +by (simp add: is_Nand_def Nand_def) + +lemma (in M_trivial) Nand_in_M_iff [iff]: "M(Nand(x,y)) \ M(x) & M(y)" +by (simp add: Nand_def) + +definition + is_Forall :: "[i=>o,i,i] => o" where + \ \because \<^term>\Forall(x) \ Inr(Inr(p))\\ + "is_Forall(M,p,Z) == \u[M]. is_Inr(M,p,u) & is_Inr(M,u,Z)" + +lemma (in M_trivial) Forall_abs [simp]: + "[|M(x); M(Z)|] ==> is_Forall(M,x,Z) \ (Z = Forall(x))" +by (simp add: is_Forall_def Forall_def) + +lemma (in M_trivial) Forall_in_M_iff [iff]: "M(Forall(x)) \ M(x)" +by (simp add: Forall_def) + + + +subsection \Absoluteness for \<^term>\formula_rec\\ + +definition + formula_rec_case :: "[[i,i]=>i, [i,i]=>i, [i,i,i,i]=>i, [i,i]=>i, i, i] => i" where + \ \the instance of \<^term>\formula_case\ in \<^term>\formula_rec\\ + "formula_rec_case(a,b,c,d,h) == + formula_case (a, b, + \u v. c(u, v, h ` succ(depth(u)) ` u, + h ` succ(depth(v)) ` v), + \u. d(u, h ` succ(depth(u)) ` u))" + +text\Unfold \<^term>\formula_rec\ to \<^term>\formula_rec_case\. + Express \<^term>\formula_rec\ without using \<^term>\rank\ or \<^term>\Vset\, +neither of which is absolute.\ +lemma (in M_trivial) formula_rec_eq: + "p \ formula ==> + formula_rec(a,b,c,d,p) = + transrec (succ(depth(p)), + \x h. Lambda (formula, formula_rec_case(a,b,c,d,h))) ` p" +apply (simp add: formula_rec_case_def) +apply (induct_tac p) + txt\Base case for \<^term>\Member\\ + apply (subst transrec, simp add: formula.intros) + txt\Base case for \<^term>\Equal\\ + apply (subst transrec, simp add: formula.intros) + txt\Inductive step for \<^term>\Nand\\ + apply (subst transrec) + apply (simp add: succ_Un_distrib formula.intros) +txt\Inductive step for \<^term>\Forall\\ +apply (subst transrec) +apply (simp add: formula_imp_formula_N formula.intros) +done + + +subsubsection\Absoluteness for the Formula Operator \<^term>\depth\\ + +definition + is_depth :: "[i=>o,i,i] => o" where + "is_depth(M,p,n) == + \sn[M]. \formula_n[M]. \formula_sn[M]. + is_formula_N(M,n,formula_n) & p \ formula_n & + successor(M,n,sn) & is_formula_N(M,sn,formula_sn) & p \ formula_sn" + + + +text\Proof is trivial since \<^term>\depth\ returns natural numbers.\ +lemma (in M_trivial) depth_closed [intro,simp]: + "p \ formula ==> M(depth(p))" +by (simp add: nat_into_M) + + + +end diff --git a/thys/Transitive_Models/Internalizations.thy b/thys/Transitive_Models/Internalizations.thy --- a/thys/Transitive_Models/Internalizations.thy +++ b/thys/Transitive_Models/Internalizations.thy @@ -1,279 +1,279 @@ section\Aids to internalize formulas\ theory Internalizations imports - "ZF-Constructible.DPow_absolute" + DPow_absolute Synthetic_Definition Nat_Miscellanea begin hide_const (open) Order.pred definition infinity_ax :: "(i \ o) \ o" where "infinity_ax(M) \ (\I[M]. (\z[M]. empty(M,z) \ z\I) \ (\y[M]. y\I \ (\sy[M]. successor(M,y,sy) \ sy\I)))" definition wellfounded_trancl :: "[i=>o,i,i,i] => o" where "wellfounded_trancl(M,Z,r,p) \ \w[M]. \wx[M]. \rp[M]. w \ Z & pair(M,w,p,wx) & tran_closure(M,r,rp) & wx \ rp" lemma empty_intf : "infinity_ax(M) \ (\z[M]. empty(M,z))" by (auto simp add: empty_def infinity_ax_def) lemma Transset_intf : "Transset(M) \ y\x \ x \ M \ y \ M" by (simp add: Transset_def,auto) definition choice_ax :: "(i\o) \ o" where "choice_ax(M) \ \x[M]. \a[M]. \f[M]. ordinal(M,a) \ surjection(M,a,x,f)" lemma (in M_basic) choice_ax_abs : "choice_ax(M) \ (\x[M]. \a[M]. \f[M]. Ord(a) \ f \ surj(a,x))" unfolding choice_ax_def by simp txt\Setting up notation for internalized formulas\ abbreviation dec10 :: i ("10") where "10 \ succ(9)" abbreviation dec11 :: i ("11") where "11 \ succ(10)" abbreviation dec12 :: i ("12") where "12 \ succ(11)" abbreviation dec13 :: i ("13") where "13 \ succ(12)" abbreviation dec14 :: i ("14") where "14 \ succ(13)" abbreviation dec15 :: i ("15") where "15 \ succ(14)" abbreviation dec16 :: i ("16") where "16 \ succ(15)" abbreviation dec17 :: i ("17") where "17 \ succ(16)" abbreviation dec18 :: i ("18") where "18 \ succ(17)" abbreviation dec19 :: i ("19") where "19 \ succ(18)" abbreviation dec20 :: i ("20") where "20 \ succ(19)" abbreviation dec21 :: i ("21") where "21 \ succ(20)" abbreviation dec22 :: i ("22") where "22 \ succ(21)" abbreviation dec23 :: i ("23") where "23 \ succ(22)" abbreviation dec24 :: i ("24") where "24 \ succ(23)" abbreviation dec25 :: i ("25") where "25 \ succ(24)" abbreviation dec26 :: i ("26") where "26 \ succ(25)" abbreviation dec27 :: i ("27") where "27 \ succ(26)" abbreviation dec28 :: i ("28") where "28 \ succ(27)" abbreviation dec29 :: i ("29") where "29 \ succ(28)" notation Member (\\_ \/ _\\) notation Equal (\\_ =/ _\\) notation Nand (\\\'(_ \/ _')\\) notation And (\\_ \/ _\\) notation Or (\\_ \/ _\\) notation Iff (\\_ \/ _\\) notation Implies (\\_ \/ _\\) notation Neg (\\\_\\) notation Forall (\'(\\(/_)\')\) notation Exists (\'(\\(/_)\')\) notation subset_fm (\\_ \/ _\\) notation succ_fm (\\succ'(_') is _\\) notation empty_fm (\\_ is empty\\) notation fun_apply_fm (\\_`_ is _\\) notation big_union_fm (\\\_ is _\\) notation upair_fm (\\{_,_} is _ \\) notation ordinal_fm (\\_ is ordinal\\) notation pair_fm (\\\_,_\ is _ \\) notation composition_fm (\\_ \ _ is _ \\) notation domain_fm (\\dom'(_') is _ \\) notation range_fm (\\ran'(_') is _ \\) notation union_fm (\\_ \ _ is _ \\) notation image_fm (\\_ `` _ is _ \\) notation pre_image_fm (\\_ -`` _ is _ \\) notation field_fm (\\fld'(_') is _ \\) notation cons_fm (\\cons'(_,_') is _ \\) notation number1_fm (\\_ is the number one\\) notation function_fm (\\_ is funct\\) notation relation_fm (\\_ is relat\\) notation restriction_fm (\\_ \ _ is _ \\) notation transset_fm (\\_ is transitive\\) notation limit_ordinal_fm (\\_ is limit\\) notation finite_ordinal_fm (\\_ is finite ord\\) notation omega_fm (\\_ is \\\) notation cartprod_fm (\\_ \ _ is _\\) notation Memrel_fm (\\Memrel'(_') is _\\) notation quasinat_fm (\\_ is qnat\\) (* notation rtran_closure_mem_fm (\\{_,_} is _ \\) notation rtran_closure_fm (\\{_,_} is _ \\) notation tran_closure_fm (\\_ is \\) notation order_isomorphism_fm (\\{_,_} is _ \\) *) notation Inl_fm (\\Inl'(_') is _ \\) notation Inr_fm (\\Inr'(_') is _ \\) notation pred_set_fm (\\_-predecessors of _ are _\\) abbreviation fm_typedfun :: "[i,i,i] \ i" (\\_ : _ \ _\\) where "fm_typedfun(f,A,B) \ typed_function_fm(A,B,f)" abbreviation fm_surjection :: "[i,i,i] \ i" (\\_ surjects _ to _\\) where "fm_surjection(f,A,B) \ surjection_fm(A,B,f)" abbreviation fm_injection :: "[i,i,i] \ i" (\\_ injects _ to _\\) where "fm_injection(f,A,B) \ injection_fm(A,B,f)" abbreviation fm_bijection :: "[i,i,i] \ i" (\\_ bijects _ to _\\) where "fm_bijection(f,A,B) \ bijection_fm(A,B,f)" text\We found it useful to have slightly different versions of some results in ZF-Constructible:\ lemma nth_closed : assumes "env\list(A)" "0\A" shows "nth(n,env)\A" using assms unfolding nth_def by (induct env; simp) lemma conj_setclass_model_iff_sats [iff_sats]: "[| 0 \ A; nth(i,env) = x; env \ list(A); P \ sats(A,p,env); env \ list(A) |] ==> (P \ (##A)(x)) \ sats(A, p, env)" "[| 0 \ A; nth(i,env) = x; env \ list(A); P \ sats(A,p,env); env \ list(A) |] ==> ((##A)(x) \ P) \ sats(A, p, env)" using nth_closed[of env A i] by auto lemma conj_mem_model_iff_sats [iff_sats]: "[| 0 \ A; nth(i,env) = x; env \ list(A); P \ sats(A,p,env); env \ list(A) |] ==> (P \ x \ A) \ sats(A, p, env)" "[| 0 \ A; nth(i,env) = x; env \ list(A); P \ sats(A,p,env); env \ list(A) |] ==> (x \ A \ P) \ sats(A, p, env)" using nth_closed[of env A i] by auto (* lemma [iff_sats]: "[| 0 \ A; nth(i,env) = x; env \ list(A); P \ sats(A,p,env); env \ list(A) |] ==> (x \ A \ P) \ sats(A, p, env)" "[| 0 \ A; nth(i,env) = x; env \ list(A); P \ sats(A,p,env); env \ list(A) |] ==> (P \ x \ A) \ sats(A, p, env)" "[| 0 \ A; nth(i,env) = x; env \ list(A); P \ sats(A,p,env); env \ list(A) |] ==> (x \ A \ P) \ sats(A, p, env)" using nth_closed[of env A i] by auto *) lemma mem_model_iff_sats [iff_sats]: "[| 0 \ A; nth(i,env) = x; env \ list(A)|] ==> (x\A) \ sats(A, Exists(Equal(0,0)), env)" using nth_closed[of env A i] by auto lemma subset_iff_sats[iff_sats]: "nth(i, env) = x \ nth(j, env) = y \ i\nat \ j\nat \ env \ list(A) \ subset(##A, x, y) \ sats(A, subset_fm(i, j), env)" using sats_subset_fm' by simp lemma not_mem_model_iff_sats [iff_sats]: "[| 0 \ A; nth(i,env) = x; env \ list(A)|] ==> (\ x . x \ A) \ sats(A, Neg(Exists(Equal(0,0))), env)" by auto lemma top_iff_sats [iff_sats]: "env \ list(A) \ 0 \ A \ sats(A, Exists(Equal(0,0)), env)" by auto lemma prefix1_iff_sats[iff_sats]: assumes "x \ nat" "env \ list(A)" "0 \ A" "a \ A" shows "a = nth(x,env) \ sats(A, Equal(0,x+\<^sub>\1), Cons(a,env))" "nth(x,env) = a \ sats(A, Equal(x+\<^sub>\1,0), Cons(a,env))" "a \ nth(x,env) \ sats(A, Member(0,x+\<^sub>\1), Cons(a,env))" "nth(x,env) \ a \ sats(A, Member(x+\<^sub>\1,0), Cons(a,env))" using assms nth_closed by simp_all lemma prefix2_iff_sats[iff_sats]: assumes "x \ nat" "env \ list(A)" "0 \ A" "a \ A" "b \ A" shows "b = nth(x,env) \ sats(A, Equal(1,x+\<^sub>\2), Cons(a,Cons(b,env)))" "nth(x,env) = b \ sats(A, Equal(x+\<^sub>\2,1), Cons(a,Cons(b,env)))" "b \ nth(x,env) \ sats(A, Member(1,x+\<^sub>\2), Cons(a,Cons(b,env)))" "nth(x,env) \ b \ sats(A, Member(x+\<^sub>\2,1), Cons(a,Cons(b,env)))" using assms nth_closed by simp_all lemma prefix3_iff_sats[iff_sats]: assumes "x \ nat" "env \ list(A)" "0 \ A" "a \ A" "b \ A" "c \ A" shows "c = nth(x,env) \ sats(A, Equal(2,x+\<^sub>\3), Cons(a,Cons(b,Cons(c,env))))" "nth(x,env) = c \ sats(A, Equal(x+\<^sub>\3,2), Cons(a,Cons(b,Cons(c,env))))" "c \ nth(x,env) \ sats(A, Member(2,x+\<^sub>\3), Cons(a,Cons(b,Cons(c,env))))" "nth(x,env) \ c \ sats(A, Member(x+\<^sub>\3,2), Cons(a,Cons(b,Cons(c,env))))" using assms nth_closed by simp_all lemmas FOL_sats_iff = sats_Nand_iff sats_Forall_iff sats_Neg_iff sats_And_iff sats_Or_iff sats_Implies_iff sats_Iff_iff sats_Exists_iff lemma nth_ConsI: "\nth(n,l) = x; n \ nat\ \ nth(succ(n), Cons(a,l)) = x" by simp lemmas nth_rules = nth_0 nth_ConsI nat_0I nat_succI lemmas sep_rules = nth_0 nth_ConsI FOL_iff_sats function_iff_sats fun_plus_iff_sats successor_iff_sats omega_iff_sats FOL_sats_iff Replace_iff_sats text\Also a different compilation of lemmas (term\sep_rules\) used in formula synthesis\ lemmas fm_defs = omega_fm_def limit_ordinal_fm_def empty_fm_def typed_function_fm_def pair_fm_def upair_fm_def domain_fm_def function_fm_def succ_fm_def cons_fm_def fun_apply_fm_def image_fm_def big_union_fm_def union_fm_def relation_fm_def composition_fm_def field_fm_def ordinal_fm_def range_fm_def transset_fm_def subset_fm_def Replace_fm_def lemmas formulas_def [fm_definitions] = fm_defs is_iterates_fm_def iterates_MH_fm_def is_wfrec_fm_def is_recfun_fm_def is_transrec_fm_def is_nat_case_fm_def quasinat_fm_def number1_fm_def ordinal_fm_def finite_ordinal_fm_def cartprod_fm_def sum_fm_def Inr_fm_def Inl_fm_def formula_functor_fm_def Memrel_fm_def transset_fm_def subset_fm_def pre_image_fm_def restriction_fm_def list_functor_fm_def tl_fm_def quasilist_fm_def Cons_fm_def Nil_fm_def lemmas sep_rules' [iff_sats] = nth_0 nth_ConsI FOL_iff_sats function_iff_sats fun_plus_iff_sats omega_iff_sats lemmas more_iff_sats [iff_sats] = rtran_closure_iff_sats tran_closure_iff_sats is_eclose_iff_sats Inl_iff_sats Inr_iff_sats fun_apply_iff_sats cartprod_iff_sats Collect_iff_sats end \ No newline at end of file diff --git a/thys/Transitive_Models/Internalize.thy b/thys/Transitive_Models/Internalize.thy new file mode 100644 --- /dev/null +++ b/thys/Transitive_Models/Internalize.thy @@ -0,0 +1,1483 @@ +(* Title: ZF/Constructible/Internalize.thy + Author: Lawrence C Paulson, Cambridge University Computer Laboratory +*) + +theory Internalize imports "ZF-Constructible.L_axioms" Eclose_Absolute begin + +subsection\Internalized Forms of Data Structuring Operators\ + +subsubsection\The Formula \<^term>\is_Inl\, Internalized\ + +(* is_Inl(M,a,z) == \zero[M]. empty(M,zero) & pair(M,zero,a,z) *) +definition + Inl_fm :: "[i,i]=>i" where + "Inl_fm(a,z) == Exists(And(empty_fm(0), pair_fm(0,succ(a),succ(z))))" + +lemma Inl_type [TC]: + "[| x \ nat; z \ nat |] ==> Inl_fm(x,z) \ formula" +by (simp add: Inl_fm_def) + +lemma sats_Inl_fm [simp]: + "[| x \ nat; z \ nat; env \ list(A)|] + ==> sats(A, Inl_fm(x,z), env) \ is_Inl(##A, nth(x,env), nth(z,env))" +by (simp add: Inl_fm_def is_Inl_def) + +lemma Inl_iff_sats: + "[| nth(i,env) = x; nth(k,env) = z; + i \ nat; k \ nat; env \ list(A)|] + ==> is_Inl(##A, x, z) \ sats(A, Inl_fm(i,k), env)" +by simp + +theorem Inl_reflection: + "REFLECTS[\x. is_Inl(L,f(x),h(x)), + \i x. is_Inl(##Lset(i),f(x),h(x))]" +apply (simp only: is_Inl_def) +apply (intro FOL_reflections function_reflections) +done + + +subsubsection\The Formula \<^term>\is_Inr\, Internalized\ + +(* is_Inr(M,a,z) == \n1[M]. number1(M,n1) & pair(M,n1,a,z) *) +definition + Inr_fm :: "[i,i]=>i" where + "Inr_fm(a,z) == Exists(And(number1_fm(0), pair_fm(0,succ(a),succ(z))))" + +lemma Inr_type [TC]: + "[| x \ nat; z \ nat |] ==> Inr_fm(x,z) \ formula" +by (simp add: Inr_fm_def) + +lemma sats_Inr_fm [simp]: + "[| x \ nat; z \ nat; env \ list(A)|] + ==> sats(A, Inr_fm(x,z), env) \ is_Inr(##A, nth(x,env), nth(z,env))" +by (simp add: Inr_fm_def is_Inr_def) + +lemma Inr_iff_sats: + "[| nth(i,env) = x; nth(k,env) = z; + i \ nat; k \ nat; env \ list(A)|] + ==> is_Inr(##A, x, z) \ sats(A, Inr_fm(i,k), env)" +by simp + +theorem Inr_reflection: + "REFLECTS[\x. is_Inr(L,f(x),h(x)), + \i x. is_Inr(##Lset(i),f(x),h(x))]" +apply (simp only: is_Inr_def) +apply (intro FOL_reflections function_reflections) +done + + +subsubsection\The Formula \<^term>\is_Nil\, Internalized\ + +(* is_Nil(M,xs) == \zero[M]. empty(M,zero) & is_Inl(M,zero,xs) *) + +definition + Nil_fm :: "i=>i" where + "Nil_fm(x) == Exists(And(empty_fm(0), Inl_fm(0,succ(x))))" + +lemma Nil_type [TC]: "x \ nat ==> Nil_fm(x) \ formula" +by (simp add: Nil_fm_def) + +lemma sats_Nil_fm [simp]: + "[| x \ nat; env \ list(A)|] + ==> sats(A, Nil_fm(x), env) \ is_Nil(##A, nth(x,env))" +by (simp add: Nil_fm_def is_Nil_def) + +lemma Nil_iff_sats: + "[| nth(i,env) = x; i \ nat; env \ list(A)|] + ==> is_Nil(##A, x) \ sats(A, Nil_fm(i), env)" +by simp + +theorem Nil_reflection: + "REFLECTS[\x. is_Nil(L,f(x)), + \i x. is_Nil(##Lset(i),f(x))]" +apply (simp only: is_Nil_def) +apply (intro FOL_reflections function_reflections Inl_reflection) +done + + +subsubsection\The Formula \<^term>\is_Cons\, Internalized\ + + +(* "is_Cons(M,a,l,Z) == \p[M]. pair(M,a,l,p) & is_Inr(M,p,Z)" *) +definition + Cons_fm :: "[i,i,i]=>i" where + "Cons_fm(a,l,Z) == + Exists(And(pair_fm(succ(a),succ(l),0), Inr_fm(0,succ(Z))))" + +lemma Cons_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> Cons_fm(x,y,z) \ formula" +by (simp add: Cons_fm_def) + +lemma sats_Cons_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, Cons_fm(x,y,z), env) \ + is_Cons(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: Cons_fm_def is_Cons_def) + +lemma Cons_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==>is_Cons(##A, x, y, z) \ sats(A, Cons_fm(i,j,k), env)" +by simp + +theorem Cons_reflection: + "REFLECTS[\x. is_Cons(L,f(x),g(x),h(x)), + \i x. is_Cons(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: is_Cons_def) +apply (intro FOL_reflections pair_reflection Inr_reflection) +done + +subsubsection\The Formula \<^term>\is_quasilist\, Internalized\ + +(* is_quasilist(M,xs) == is_Nil(M,z) | (\x[M]. \l[M]. is_Cons(M,x,l,z))" *) + +definition + quasilist_fm :: "i=>i" where + "quasilist_fm(x) == + Or(Nil_fm(x), Exists(Exists(Cons_fm(1,0,succ(succ(x))))))" + +lemma quasilist_type [TC]: "x \ nat ==> quasilist_fm(x) \ formula" +by (simp add: quasilist_fm_def) + +lemma sats_quasilist_fm [simp]: + "[| x \ nat; env \ list(A)|] + ==> sats(A, quasilist_fm(x), env) \ is_quasilist(##A, nth(x,env))" +by (simp add: quasilist_fm_def is_quasilist_def) + +lemma quasilist_iff_sats: + "[| nth(i,env) = x; i \ nat; env \ list(A)|] + ==> is_quasilist(##A, x) \ sats(A, quasilist_fm(i), env)" +by simp + +theorem quasilist_reflection: + "REFLECTS[\x. is_quasilist(L,f(x)), + \i x. is_quasilist(##Lset(i),f(x))]" +apply (simp only: is_quasilist_def) +apply (intro FOL_reflections Nil_reflection Cons_reflection) +done + + +subsection\Absoluteness for the Function \<^term>\nth\\ + + +subsubsection\The Formula \<^term>\is_hd\, Internalized\ + +(* "is_hd(M,xs,H) == + (is_Nil(M,xs) \ empty(M,H)) & + (\x[M]. \l[M]. ~ is_Cons(M,x,l,xs) | H=x) & + (is_quasilist(M,xs) | empty(M,H))" *) +definition + hd_fm :: "[i,i]=>i" where + "hd_fm(xs,H) == + And(Implies(Nil_fm(xs), empty_fm(H)), + And(Forall(Forall(Or(Neg(Cons_fm(1,0,xs#+2)), Equal(H#+2,1)))), + Or(quasilist_fm(xs), empty_fm(H))))" + +lemma hd_type [TC]: + "[| x \ nat; y \ nat |] ==> hd_fm(x,y) \ formula" +by (simp add: hd_fm_def) + +lemma sats_hd_fm [simp]: + "[| x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, hd_fm(x,y), env) \ is_hd(##A, nth(x,env), nth(y,env))" +by (simp add: hd_fm_def is_hd_def) + +lemma hd_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> is_hd(##A, x, y) \ sats(A, hd_fm(i,j), env)" +by simp + +theorem hd_reflection: + "REFLECTS[\x. is_hd(L,f(x),g(x)), + \i x. is_hd(##Lset(i),f(x),g(x))]" +apply (simp only: is_hd_def) +apply (intro FOL_reflections Nil_reflection Cons_reflection + quasilist_reflection empty_reflection) +done + + +subsubsection\The Formula \<^term>\is_tl\, Internalized\ + +(* "is_tl(M,xs,T) == + (is_Nil(M,xs) \ T=xs) & + (\x[M]. \l[M]. ~ is_Cons(M,x,l,xs) | T=l) & + (is_quasilist(M,xs) | empty(M,T))" *) +definition + tl_fm :: "[i,i]=>i" where + "tl_fm(xs,T) == + And(Implies(Nil_fm(xs), Equal(T,xs)), + And(Forall(Forall(Or(Neg(Cons_fm(1,0,xs#+2)), Equal(T#+2,0)))), + Or(quasilist_fm(xs), empty_fm(T))))" + +lemma tl_type [TC]: + "[| x \ nat; y \ nat |] ==> tl_fm(x,y) \ formula" +by (simp add: tl_fm_def) + +lemma sats_tl_fm [simp]: + "[| x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, tl_fm(x,y), env) \ is_tl(##A, nth(x,env), nth(y,env))" +by (simp add: tl_fm_def is_tl_def) + +lemma tl_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> is_tl(##A, x, y) \ sats(A, tl_fm(i,j), env)" +by simp + +theorem tl_reflection: + "REFLECTS[\x. is_tl(L,f(x),g(x)), + \i x. is_tl(##Lset(i),f(x),g(x))]" +apply (simp only: is_tl_def) +apply (intro FOL_reflections Nil_reflection Cons_reflection + quasilist_reflection empty_reflection) +done + + +subsubsection\The Operator \<^term>\is_bool_of_o\\ + +(* is_bool_of_o :: "[i=>o, o, i] => o" + "is_bool_of_o(M,P,z) == (P & number1(M,z)) | (~P & empty(M,z))" *) + +text\The formula \<^term>\p\ has no free variables.\ +definition + bool_of_o_fm :: "[i, i]=>i" where + "bool_of_o_fm(p,z) == + Or(And(p,number1_fm(z)), + And(Neg(p),empty_fm(z)))" + +lemma is_bool_of_o_type [TC]: + "[| p \ formula; z \ nat |] ==> bool_of_o_fm(p,z) \ formula" +by (simp add: bool_of_o_fm_def) + +lemma sats_bool_of_o_fm: + assumes p_iff_sats: "P \ sats(A, p, env)" + shows + "[|z \ nat; env \ list(A)|] + ==> sats(A, bool_of_o_fm(p,z), env) \ + is_bool_of_o(##A, P, nth(z,env))" +by (simp add: bool_of_o_fm_def is_bool_of_o_def p_iff_sats [THEN iff_sym]) + +lemma is_bool_of_o_iff_sats: + "[| P \ sats(A, p, env); nth(k,env) = z; k \ nat; env \ list(A)|] + ==> is_bool_of_o(##A, P, z) \ sats(A, bool_of_o_fm(p,k), env)" +by (simp add: sats_bool_of_o_fm) + +theorem bool_of_o_reflection: + "REFLECTS [P(L), \i. P(##Lset(i))] ==> + REFLECTS[\x. is_bool_of_o(L, P(L,x), f(x)), + \i x. is_bool_of_o(##Lset(i), P(##Lset(i),x), f(x))]" +apply (simp (no_asm) only: is_bool_of_o_def) +apply (intro FOL_reflections function_reflections, assumption+) +done + + +subsection\More Internalizations\ + +subsubsection\The Operator \<^term>\is_lambda\\ + +text\The two arguments of \<^term>\p\ are always 1, 0. Remember that + \<^term>\p\ will be enclosed by three quantifiers.\ + +(* is_lambda :: "[i=>o, i, [i,i]=>o, i] => o" + "is_lambda(M, A, is_b, z) == + \p[M]. p \ z \ + (\u[M]. \v[M]. u\A & pair(M,u,v,p) & is_b(u,v))" *) +definition + lambda_fm :: "[i, i, i]=>i" where + "lambda_fm(p,A,z) == + Forall(Iff(Member(0,succ(z)), + Exists(Exists(And(Member(1,A#+3), + And(pair_fm(1,0,2), p))))))" + +text\We call \<^term>\p\ with arguments x, y by equating them with + the corresponding quantified variables with de Bruijn indices 1, 0.\ + +lemma is_lambda_type [TC]: + "[| p \ formula; x \ nat; y \ nat |] + ==> lambda_fm(p,x,y) \ formula" +by (simp add: lambda_fm_def) + +lemma sats_lambda_fm: + assumes is_b_iff_sats: + "!!a0 a1 a2. + [|a0\A; a1\A; a2\A|] + ==> is_b(a1, a0) \ sats(A, p, Cons(a0,Cons(a1,Cons(a2,env))))" + shows + "[|x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, lambda_fm(p,x,y), env) \ + is_lambda(##A, nth(x,env), is_b, nth(y,env))" +by (simp add: lambda_fm_def is_lambda_def is_b_iff_sats [THEN iff_sym]) + +theorem is_lambda_reflection: + assumes is_b_reflection: + "!!f g h. REFLECTS[\x. is_b(L, f(x), g(x), h(x)), + \i x. is_b(##Lset(i), f(x), g(x), h(x))]" + shows "REFLECTS[\x. is_lambda(L, A(x), is_b(L,x), f(x)), + \i x. is_lambda(##Lset(i), A(x), is_b(##Lset(i),x), f(x))]" +apply (simp (no_asm_use) only: is_lambda_def) +apply (intro FOL_reflections is_b_reflection pair_reflection) +done + +subsubsection\The Operator \<^term>\is_Member\, Internalized\ + +(* "is_Member(M,x,y,Z) == + \p[M]. \u[M]. pair(M,x,y,p) & is_Inl(M,p,u) & is_Inl(M,u,Z)" *) +definition + Member_fm :: "[i,i,i]=>i" where + "Member_fm(x,y,Z) == + Exists(Exists(And(pair_fm(x#+2,y#+2,1), + And(Inl_fm(1,0), Inl_fm(0,Z#+2)))))" + +lemma is_Member_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> Member_fm(x,y,z) \ formula" +by (simp add: Member_fm_def) + +lemma sats_Member_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, Member_fm(x,y,z), env) \ + is_Member(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: Member_fm_def is_Member_def) + +lemma Member_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> is_Member(##A, x, y, z) \ sats(A, Member_fm(i,j,k), env)" +by (simp) + +theorem Member_reflection: + "REFLECTS[\x. is_Member(L,f(x),g(x),h(x)), + \i x. is_Member(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: is_Member_def) +apply (intro FOL_reflections pair_reflection Inl_reflection) +done + +subsubsection\The Operator \<^term>\is_Equal\, Internalized\ + +(* "is_Equal(M,x,y,Z) == + \p[M]. \u[M]. pair(M,x,y,p) & is_Inr(M,p,u) & is_Inl(M,u,Z)" *) +definition + Equal_fm :: "[i,i,i]=>i" where + "Equal_fm(x,y,Z) == + Exists(Exists(And(pair_fm(x#+2,y#+2,1), + And(Inr_fm(1,0), Inl_fm(0,Z#+2)))))" + +lemma is_Equal_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> Equal_fm(x,y,z) \ formula" +by (simp add: Equal_fm_def) + +lemma sats_Equal_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, Equal_fm(x,y,z), env) \ + is_Equal(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: Equal_fm_def is_Equal_def) + +lemma Equal_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> is_Equal(##A, x, y, z) \ sats(A, Equal_fm(i,j,k), env)" +by (simp) + +theorem Equal_reflection: + "REFLECTS[\x. is_Equal(L,f(x),g(x),h(x)), + \i x. is_Equal(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: is_Equal_def) +apply (intro FOL_reflections pair_reflection Inl_reflection Inr_reflection) +done + +subsubsection\The Operator \<^term>\is_Nand\, Internalized\ + +(* "is_Nand(M,x,y,Z) == + \p[M]. \u[M]. pair(M,x,y,p) & is_Inl(M,p,u) & is_Inr(M,u,Z)" *) +definition + Nand_fm :: "[i,i,i]=>i" where + "Nand_fm(x,y,Z) == + Exists(Exists(And(pair_fm(x#+2,y#+2,1), + And(Inl_fm(1,0), Inr_fm(0,Z#+2)))))" + +lemma is_Nand_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> Nand_fm(x,y,z) \ formula" +by (simp add: Nand_fm_def) + +lemma sats_Nand_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, Nand_fm(x,y,z), env) \ + is_Nand(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: Nand_fm_def is_Nand_def) + +lemma Nand_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> is_Nand(##A, x, y, z) \ sats(A, Nand_fm(i,j,k), env)" +by (simp) + +theorem Nand_reflection: + "REFLECTS[\x. is_Nand(L,f(x),g(x),h(x)), + \i x. is_Nand(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: is_Nand_def) +apply (intro FOL_reflections pair_reflection Inl_reflection Inr_reflection) +done + +subsubsection\The Operator \<^term>\is_Forall\, Internalized\ + +(* "is_Forall(M,p,Z) == \u[M]. is_Inr(M,p,u) & is_Inr(M,u,Z)" *) +definition + Forall_fm :: "[i,i]=>i" where + "Forall_fm(x,Z) == + Exists(And(Inr_fm(succ(x),0), Inr_fm(0,succ(Z))))" + +lemma is_Forall_type [TC]: + "[| x \ nat; y \ nat |] ==> Forall_fm(x,y) \ formula" +by (simp add: Forall_fm_def) + +lemma sats_Forall_fm [simp]: + "[| x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, Forall_fm(x,y), env) \ + is_Forall(##A, nth(x,env), nth(y,env))" +by (simp add: Forall_fm_def is_Forall_def) + +lemma Forall_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> is_Forall(##A, x, y) \ sats(A, Forall_fm(i,j), env)" +by (simp) + +theorem Forall_reflection: + "REFLECTS[\x. is_Forall(L,f(x),g(x)), + \i x. is_Forall(##Lset(i),f(x),g(x))]" +apply (simp only: is_Forall_def) +apply (intro FOL_reflections pair_reflection Inr_reflection) +done + + +subsubsection\The Operator \<^term>\is_and\, Internalized\ + +(* is_and(M,a,b,z) == (number1(M,a) & z=b) | + (~number1(M,a) & empty(M,z)) *) +definition + and_fm :: "[i,i,i]=>i" where + "and_fm(a,b,z) == + Or(And(number1_fm(a), Equal(z,b)), + And(Neg(number1_fm(a)),empty_fm(z)))" + +lemma is_and_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> and_fm(x,y,z) \ formula" +by (simp add: and_fm_def) + +lemma sats_and_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, and_fm(x,y,z), env) \ + is_and(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: and_fm_def is_and_def) + +lemma is_and_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> is_and(##A, x, y, z) \ sats(A, and_fm(i,j,k), env)" +by simp + +theorem is_and_reflection: + "REFLECTS[\x. is_and(L,f(x),g(x),h(x)), + \i x. is_and(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: is_and_def) +apply (intro FOL_reflections function_reflections) +done + + +subsubsection\The Operator \<^term>\is_or\, Internalized\ + +(* is_or(M,a,b,z) == (number1(M,a) & number1(M,z)) | + (~number1(M,a) & z=b) *) + +definition + or_fm :: "[i,i,i]=>i" where + "or_fm(a,b,z) == + Or(And(number1_fm(a), number1_fm(z)), + And(Neg(number1_fm(a)), Equal(z,b)))" + +lemma is_or_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> or_fm(x,y,z) \ formula" +by (simp add: or_fm_def) + +lemma sats_or_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, or_fm(x,y,z), env) \ + is_or(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: or_fm_def is_or_def) + +lemma is_or_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> is_or(##A, x, y, z) \ sats(A, or_fm(i,j,k), env)" +by simp + +theorem is_or_reflection: + "REFLECTS[\x. is_or(L,f(x),g(x),h(x)), + \i x. is_or(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: is_or_def) +apply (intro FOL_reflections function_reflections) +done + + + +subsubsection\The Operator \<^term>\is_not\, Internalized\ + +(* is_not(M,a,z) == (number1(M,a) & empty(M,z)) | + (~number1(M,a) & number1(M,z)) *) +definition + not_fm :: "[i,i]=>i" where + "not_fm(a,z) == + Or(And(number1_fm(a), empty_fm(z)), + And(Neg(number1_fm(a)), number1_fm(z)))" + +lemma is_not_type [TC]: + "[| x \ nat; z \ nat |] ==> not_fm(x,z) \ formula" +by (simp add: not_fm_def) + +lemma sats_is_not_fm [simp]: + "[| x \ nat; z \ nat; env \ list(A)|] + ==> sats(A, not_fm(x,z), env) \ is_not(##A, nth(x,env), nth(z,env))" +by (simp add: not_fm_def is_not_def) + +lemma is_not_iff_sats: + "[| nth(i,env) = x; nth(k,env) = z; + i \ nat; k \ nat; env \ list(A)|] + ==> is_not(##A, x, z) \ sats(A, not_fm(i,k), env)" +by simp + +theorem is_not_reflection: + "REFLECTS[\x. is_not(L,f(x),g(x)), + \i x. is_not(##Lset(i),f(x),g(x))]" +apply (simp only: is_not_def) +apply (intro FOL_reflections function_reflections) +done + + +lemmas extra_reflections = + Inl_reflection Inr_reflection Nil_reflection Cons_reflection + quasilist_reflection hd_reflection tl_reflection bool_of_o_reflection + is_lambda_reflection Member_reflection Equal_reflection Nand_reflection + Forall_reflection is_and_reflection is_or_reflection is_not_reflection + +subsection\Well-Founded Recursion!\ + +subsubsection\The Operator \<^term>\M_is_recfun\\ + +text\Alternative definition, minimizing nesting of quantifiers around MH\ +lemma M_is_recfun_iff: + "M_is_recfun(M,MH,r,a,f) \ + (\z[M]. z \ f \ + (\x[M]. \f_r_sx[M]. \y[M]. + MH(x, f_r_sx, y) & pair(M,x,y,z) & + (\xa[M]. \sx[M]. \r_sx[M]. + pair(M,x,a,xa) & upair(M,x,x,sx) & + pre_image(M,r,sx,r_sx) & restriction(M,f,r_sx,f_r_sx) & + xa \ r)))" +apply (simp add: M_is_recfun_def) +apply (rule rall_cong, blast) +done + + +(* M_is_recfun :: "[i=>o, [i,i,i]=>o, i, i, i] => o" + "M_is_recfun(M,MH,r,a,f) == + \z[M]. z \ f \ + 2 1 0 +new def (\x[M]. \f_r_sx[M]. \y[M]. + MH(x, f_r_sx, y) & pair(M,x,y,z) & + (\xa[M]. \sx[M]. \r_sx[M]. + pair(M,x,a,xa) & upair(M,x,x,sx) & + pre_image(M,r,sx,r_sx) & restriction(M,f,r_sx,f_r_sx) & + xa \ r)" +*) + +text\The three arguments of \<^term>\p\ are always 2, 1, 0 and z\ +definition + is_recfun_fm :: "[i, i, i, i]=>i" where + "is_recfun_fm(p,r,a,f) == + Forall(Iff(Member(0,succ(f)), + Exists(Exists(Exists( + And(p, + And(pair_fm(2,0,3), + Exists(Exists(Exists( + And(pair_fm(5,a#+7,2), + And(upair_fm(5,5,1), + And(pre_image_fm(r#+7,1,0), + And(restriction_fm(f#+7,0,4), Member(2,r#+7)))))))))))))))" + +lemma is_recfun_type [TC]: + "[| p \ formula; x \ nat; y \ nat; z \ nat |] + ==> is_recfun_fm(p,x,y,z) \ formula" +by (simp add: is_recfun_fm_def) + + +lemma sats_is_recfun_fm: + assumes MH_iff_sats: + "!!a0 a1 a2 a3. + [|a0\A; a1\A; a2\A; a3\A|] + ==> MH(a2, a1, a0) \ sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3,env)))))" + shows + "[|x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, is_recfun_fm(p,x,y,z), env) \ + M_is_recfun(##A, MH, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: is_recfun_fm_def M_is_recfun_iff MH_iff_sats [THEN iff_sym]) + +lemma is_recfun_iff_sats: + assumes MH_iff_sats: + "!!a0 a1 a2 a3. + [|a0\A; a1\A; a2\A; a3\A|] + ==> MH(a2, a1, a0) \ sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3,env)))))" + shows + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> M_is_recfun(##A, MH, x, y, z) \ sats(A, is_recfun_fm(p,i,j,k), env)" +by (simp add: sats_is_recfun_fm [OF MH_iff_sats]) + +text\The additional variable in the premise, namely \<^term>\f'\, is essential. +It lets \<^term>\MH\ depend upon \<^term>\x\, which seems often necessary. +The same thing occurs in \is_wfrec_reflection\.\ +theorem is_recfun_reflection: + assumes MH_reflection: + "!!f' f g h. REFLECTS[\x. MH(L, f'(x), f(x), g(x), h(x)), + \i x. MH(##Lset(i), f'(x), f(x), g(x), h(x))]" + shows "REFLECTS[\x. M_is_recfun(L, MH(L,x), f(x), g(x), h(x)), + \i x. M_is_recfun(##Lset(i), MH(##Lset(i),x), f(x), g(x), h(x))]" +apply (simp (no_asm_use) only: M_is_recfun_def) +apply (intro FOL_reflections function_reflections + restriction_reflection MH_reflection) +done + +subsubsection\The Operator \<^term>\is_wfrec\\ + +text\The three arguments of \<^term>\p\ are always 2, 1, 0; + \<^term>\p\ is enclosed by 5 quantifiers.\ + +(* is_wfrec :: "[i=>o, i, [i,i,i]=>o, i, i] => o" + "is_wfrec(M,MH,r,a,z) == + \f[M]. M_is_recfun(M,MH,r,a,f) & MH(a,f,z)" *) +definition + is_wfrec_fm :: "[i, i, i, i]=>i" where + "is_wfrec_fm(p,r,a,z) == + Exists(And(is_recfun_fm(p, succ(r), succ(a), 0), + Exists(Exists(Exists(Exists( + And(Equal(2,a#+5), And(Equal(1,4), And(Equal(0,z#+5), p)))))))))" + +text\We call \<^term>\p\ with arguments a, f, z by equating them with + the corresponding quantified variables with de Bruijn indices 2, 1, 0.\ + +text\There's an additional existential quantifier to ensure that the + environments in both calls to MH have the same length.\ + +lemma is_wfrec_type [TC]: + "[| p \ formula; x \ nat; y \ nat; z \ nat |] + ==> is_wfrec_fm(p,x,y,z) \ formula" +by (simp add: is_wfrec_fm_def) + +lemma sats_is_wfrec_fm: + assumes MH_iff_sats: + "!!a0 a1 a2 a3 a4. + [|a0\A; a1\A; a2\A; a3\A; a4\A|] + ==> MH(a2, a1, a0) \ sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3,Cons(a4,env))))))" + shows + "[|x \ nat; y < length(env); z < length(env); env \ list(A)|] + ==> sats(A, is_wfrec_fm(p,x,y,z), env) \ + is_wfrec(##A, MH, nth(x,env), nth(y,env), nth(z,env))" +apply (frule_tac x=z in lt_length_in_nat, assumption) +apply (frule lt_length_in_nat, assumption) +apply (simp add: is_wfrec_fm_def sats_is_recfun_fm is_wfrec_def MH_iff_sats [THEN iff_sym], blast) +done + + +lemma is_wfrec_iff_sats: + assumes MH_iff_sats: + "!!a0 a1 a2 a3 a4. + [|a0\A; a1\A; a2\A; a3\A; a4\A|] + ==> MH(a2, a1, a0) \ sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3,Cons(a4,env))))))" + shows + "[|nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j < length(env); k < length(env); env \ list(A)|] + ==> is_wfrec(##A, MH, x, y, z) \ sats(A, is_wfrec_fm(p,i,j,k), env)" +by (simp add: sats_is_wfrec_fm [OF MH_iff_sats]) + +theorem is_wfrec_reflection: + assumes MH_reflection: + "!!f' f g h. REFLECTS[\x. MH(L, f'(x), f(x), g(x), h(x)), + \i x. MH(##Lset(i), f'(x), f(x), g(x), h(x))]" + shows "REFLECTS[\x. is_wfrec(L, MH(L,x), f(x), g(x), h(x)), + \i x. is_wfrec(##Lset(i), MH(##Lset(i),x), f(x), g(x), h(x))]" +apply (simp (no_asm_use) only: is_wfrec_def) +apply (intro FOL_reflections MH_reflection is_recfun_reflection) +done + + +subsection\For Datatypes\ + +subsubsection\Binary Products, Internalized\ + +definition + cartprod_fm :: "[i,i,i]=>i" where +(* "cartprod(M,A,B,z) == + \u[M]. u \ z \ (\x[M]. x\A & (\y[M]. y\B & pair(M,x,y,u)))" *) + "cartprod_fm(A,B,z) == + Forall(Iff(Member(0,succ(z)), + Exists(And(Member(0,succ(succ(A))), + Exists(And(Member(0,succ(succ(succ(B)))), + pair_fm(1,0,2)))))))" + +lemma cartprod_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> cartprod_fm(x,y,z) \ formula" +by (simp add: cartprod_fm_def) + +lemma sats_cartprod_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, cartprod_fm(x,y,z), env) \ + cartprod(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: cartprod_fm_def cartprod_def) + +lemma cartprod_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> cartprod(##A, x, y, z) \ sats(A, cartprod_fm(i,j,k), env)" +by (simp) + +theorem cartprod_reflection: + "REFLECTS[\x. cartprod(L,f(x),g(x),h(x)), + \i x. cartprod(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: cartprod_def) +apply (intro FOL_reflections pair_reflection) +done + + +subsubsection\Binary Sums, Internalized\ + +(* "is_sum(M,A,B,Z) == + \A0[M]. \n1[M]. \s1[M]. \B1[M]. + 3 2 1 0 + number1(M,n1) & cartprod(M,n1,A,A0) & upair(M,n1,n1,s1) & + cartprod(M,s1,B,B1) & union(M,A0,B1,Z)" *) +definition + sum_fm :: "[i,i,i]=>i" where + "sum_fm(A,B,Z) == + Exists(Exists(Exists(Exists( + And(number1_fm(2), + And(cartprod_fm(2,A#+4,3), + And(upair_fm(2,2,1), + And(cartprod_fm(1,B#+4,0), union_fm(3,0,Z#+4)))))))))" + +lemma sum_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> sum_fm(x,y,z) \ formula" +by (simp add: sum_fm_def) + +lemma sats_sum_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, sum_fm(x,y,z), env) \ + is_sum(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: sum_fm_def is_sum_def) + +lemma sum_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> is_sum(##A, x, y, z) \ sats(A, sum_fm(i,j,k), env)" +by simp + +theorem sum_reflection: + "REFLECTS[\x. is_sum(L,f(x),g(x),h(x)), + \i x. is_sum(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: is_sum_def) +apply (intro FOL_reflections function_reflections cartprod_reflection) +done + + +subsubsection\The Operator \<^term>\quasinat\\ + +(* "is_quasinat(M,z) == empty(M,z) | (\m[M]. successor(M,m,z))" *) +definition + quasinat_fm :: "i=>i" where + "quasinat_fm(z) == Or(empty_fm(z), Exists(succ_fm(0,succ(z))))" + +lemma quasinat_type [TC]: + "x \ nat ==> quasinat_fm(x) \ formula" +by (simp add: quasinat_fm_def) + +lemma sats_quasinat_fm [simp]: + "[| x \ nat; env \ list(A)|] + ==> sats(A, quasinat_fm(x), env) \ is_quasinat(##A, nth(x,env))" +by (simp add: quasinat_fm_def is_quasinat_def) + +lemma quasinat_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; env \ list(A)|] + ==> is_quasinat(##A, x) \ sats(A, quasinat_fm(i), env)" +by simp + +theorem quasinat_reflection: + "REFLECTS[\x. is_quasinat(L,f(x)), + \i x. is_quasinat(##Lset(i),f(x))]" +apply (simp only: is_quasinat_def) +apply (intro FOL_reflections function_reflections) +done + + +subsubsection\The Operator \<^term>\is_nat_case\\ +text\I could not get it to work with the more natural assumption that + \<^term>\is_b\ takes two arguments. Instead it must be a formula where 1 and 0 + stand for \<^term>\m\ and \<^term>\b\, respectively.\ + +(* is_nat_case :: "[i=>o, i, [i,i]=>o, i, i] => o" + "is_nat_case(M, a, is_b, k, z) == + (empty(M,k) \ z=a) & + (\m[M]. successor(M,m,k) \ is_b(m,z)) & + (is_quasinat(M,k) | empty(M,z))" *) +text\The formula \<^term>\is_b\ has free variables 1 and 0.\ +definition + is_nat_case_fm :: "[i, i, i, i]=>i" where + "is_nat_case_fm(a,is_b,k,z) == + And(Implies(empty_fm(k), Equal(z,a)), + And(Forall(Implies(succ_fm(0,succ(k)), + Forall(Implies(Equal(0,succ(succ(z))), is_b)))), + Or(quasinat_fm(k), empty_fm(z))))" + +lemma is_nat_case_type [TC]: + "[| is_b \ formula; + x \ nat; y \ nat; z \ nat |] + ==> is_nat_case_fm(x,is_b,y,z) \ formula" +by (simp add: is_nat_case_fm_def) + +lemma sats_is_nat_case_fm: + assumes is_b_iff_sats: + "!!a. a \ A ==> is_b(a,nth(z, env)) \ + sats(A, p, Cons(nth(z,env), Cons(a, env)))" + shows + "[|x \ nat; y \ nat; z < length(env); env \ list(A)|] + ==> sats(A, is_nat_case_fm(x,p,y,z), env) \ + is_nat_case(##A, nth(x,env), is_b, nth(y,env), nth(z,env))" +apply (frule lt_length_in_nat, assumption) +apply (simp add: is_nat_case_fm_def is_nat_case_def is_b_iff_sats [THEN iff_sym]) +done + +lemma is_nat_case_iff_sats: + "[| (!!a. a \ A ==> is_b(a,z) \ + sats(A, p, Cons(z, Cons(a,env)))); + nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k < length(env); env \ list(A)|] + ==> is_nat_case(##A, x, is_b, y, z) \ sats(A, is_nat_case_fm(i,p,j,k), env)" +by (simp add: sats_is_nat_case_fm [of A is_b]) + + +text\The second argument of \<^term>\is_b\ gives it direct access to \<^term>\x\, + which is essential for handling free variable references. Without this + argument, we cannot prove reflection for \<^term>\iterates_MH\.\ +theorem is_nat_case_reflection: + assumes is_b_reflection: + "!!h f g. REFLECTS[\x. is_b(L, h(x), f(x), g(x)), + \i x. is_b(##Lset(i), h(x), f(x), g(x))]" + shows "REFLECTS[\x. is_nat_case(L, f(x), is_b(L,x), g(x), h(x)), + \i x. is_nat_case(##Lset(i), f(x), is_b(##Lset(i), x), g(x), h(x))]" +apply (simp (no_asm_use) only: is_nat_case_def) +apply (intro FOL_reflections function_reflections + restriction_reflection is_b_reflection quasinat_reflection) +done + + +subsection\The Operator \<^term>\iterates_MH\, Needed for Iteration\ + +(* iterates_MH :: "[i=>o, [i,i]=>o, i, i, i, i] => o" + "iterates_MH(M,isF,v,n,g,z) == + is_nat_case(M, v, \m u. \gm[M]. fun_apply(M,g,m,gm) & isF(gm,u), + n, z)" *) +definition + iterates_MH_fm :: "[i, i, i, i, i]=>i" where + "iterates_MH_fm(isF,v,n,g,z) == + is_nat_case_fm(v, + Exists(And(fun_apply_fm(succ(succ(succ(g))),2,0), + Forall(Implies(Equal(0,2), isF)))), + n, z)" + +lemma iterates_MH_type [TC]: + "[| p \ formula; + v \ nat; x \ nat; y \ nat; z \ nat |] + ==> iterates_MH_fm(p,v,x,y,z) \ formula" +by (simp add: iterates_MH_fm_def) + +lemma sats_iterates_MH_fm: + assumes is_F_iff_sats: + "!!a b c d. [| a \ A; b \ A; c \ A; d \ A|] + ==> is_F(a,b) \ + sats(A, p, Cons(b, Cons(a, Cons(c, Cons(d,env)))))" + shows + "[|v \ nat; x \ nat; y \ nat; z < length(env); env \ list(A)|] + ==> sats(A, iterates_MH_fm(p,v,x,y,z), env) \ + iterates_MH(##A, is_F, nth(v,env), nth(x,env), nth(y,env), nth(z,env))" +apply (frule lt_length_in_nat, assumption) +apply (simp add: iterates_MH_fm_def iterates_MH_def sats_is_nat_case_fm + is_F_iff_sats [symmetric]) +apply (rule is_nat_case_cong) +apply (simp_all add: setclass_def) +done + +lemma iterates_MH_iff_sats: + assumes is_F_iff_sats: + "!!a b c d. [| a \ A; b \ A; c \ A; d \ A|] + ==> is_F(a,b) \ + sats(A, p, Cons(b, Cons(a, Cons(c, Cons(d,env)))))" + shows + "[| nth(i',env) = v; nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i' \ nat; i \ nat; j \ nat; k < length(env); env \ list(A)|] + ==> iterates_MH(##A, is_F, v, x, y, z) \ + sats(A, iterates_MH_fm(p,i',i,j,k), env)" +by (simp add: sats_iterates_MH_fm [OF is_F_iff_sats]) + +text\The second argument of \<^term>\p\ gives it direct access to \<^term>\x\, + which is essential for handling free variable references. Without this + argument, we cannot prove reflection for \<^term>\list_N\.\ +theorem iterates_MH_reflection: + assumes p_reflection: + "!!f g h. REFLECTS[\x. p(L, h(x), f(x), g(x)), + \i x. p(##Lset(i), h(x), f(x), g(x))]" + shows "REFLECTS[\x. iterates_MH(L, p(L,x), e(x), f(x), g(x), h(x)), + \i x. iterates_MH(##Lset(i), p(##Lset(i),x), e(x), f(x), g(x), h(x))]" +apply (simp (no_asm_use) only: iterates_MH_def) +apply (intro FOL_reflections function_reflections is_nat_case_reflection + restriction_reflection p_reflection) +done + + +subsubsection\The Operator \<^term>\is_iterates\\ + +text\The three arguments of \<^term>\p\ are always 2, 1, 0; + \<^term>\p\ is enclosed by 9 (??) quantifiers.\ + +(* "is_iterates(M,isF,v,n,Z) == + \sn[M]. \msn[M]. successor(M,n,sn) & membership(M,sn,msn) & + 1 0 is_wfrec(M, iterates_MH(M,isF,v), msn, n, Z)"*) + +definition + is_iterates_fm :: "[i, i, i, i]=>i" where + "is_iterates_fm(p,v,n,Z) == + Exists(Exists( + And(succ_fm(n#+2,1), + And(Memrel_fm(1,0), + is_wfrec_fm(iterates_MH_fm(p, v#+7, 2, 1, 0), + 0, n#+2, Z#+2)))))" + +text\We call \<^term>\p\ with arguments a, f, z by equating them with + the corresponding quantified variables with de Bruijn indices 2, 1, 0.\ + + +lemma is_iterates_type [TC]: + "[| p \ formula; x \ nat; y \ nat; z \ nat |] + ==> is_iterates_fm(p,x,y,z) \ formula" +by (simp add: is_iterates_fm_def) + +lemma sats_is_iterates_fm: + assumes is_F_iff_sats: + "!!a b c d e f g h i j k. + [| a \ A; b \ A; c \ A; d \ A; e \ A; f \ A; + g \ A; h \ A; i \ A; j \ A; k \ A|] + ==> is_F(a,b) \ + sats(A, p, Cons(b, Cons(a, Cons(c, Cons(d, Cons(e, Cons(f, + Cons(g, Cons(h, Cons(i, Cons(j, Cons(k, env))))))))))))" + shows + "[|x \ nat; y < length(env); z < length(env); env \ list(A)|] + ==> sats(A, is_iterates_fm(p,x,y,z), env) \ + is_iterates(##A, is_F, nth(x,env), nth(y,env), nth(z,env))" +apply (frule_tac x=z in lt_length_in_nat, assumption) +apply (frule lt_length_in_nat, assumption) +apply (simp add: is_iterates_fm_def is_iterates_def sats_is_nat_case_fm + is_F_iff_sats [symmetric] sats_is_wfrec_fm sats_iterates_MH_fm) +done + + +lemma is_iterates_iff_sats: + assumes is_F_iff_sats: + "!!a b c d e f g h i j k. + [| a \ A; b \ A; c \ A; d \ A; e \ A; f \ A; + g \ A; h \ A; i \ A; j \ A; k \ A|] + ==> is_F(a,b) \ + sats(A, p, Cons(b, Cons(a, Cons(c, Cons(d, Cons(e, Cons(f, + Cons(g, Cons(h, Cons(i, Cons(j, Cons(k, env))))))))))))" + shows + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j < length(env); k < length(env); env \ list(A)|] + ==> is_iterates(##A, is_F, x, y, z) \ + sats(A, is_iterates_fm(p,i,j,k), env)" +by (simp add: sats_is_iterates_fm [OF is_F_iff_sats]) + +text\The second argument of \<^term>\p\ gives it direct access to \<^term>\x\, + which is essential for handling free variable references. Without this + argument, we cannot prove reflection for \<^term>\list_N\.\ +theorem is_iterates_reflection: + assumes p_reflection: + "!!f g h. REFLECTS[\x. p(L, h(x), f(x), g(x)), + \i x. p(##Lset(i), h(x), f(x), g(x))]" + shows "REFLECTS[\x. is_iterates(L, p(L,x), f(x), g(x), h(x)), + \i x. is_iterates(##Lset(i), p(##Lset(i),x), f(x), g(x), h(x))]" +apply (simp (no_asm_use) only: is_iterates_def) +apply (intro FOL_reflections function_reflections p_reflection + is_wfrec_reflection iterates_MH_reflection) +done + + +subsubsection\The Formula \<^term>\is_eclose_n\, Internalized\ + +(* is_eclose_n(M,A,n,Z) == is_iterates(M, big_union(M), A, n, Z) *) + +definition + eclose_n_fm :: "[i,i,i]=>i" where + "eclose_n_fm(A,n,Z) == is_iterates_fm(big_union_fm(1,0), A, n, Z)" + +lemma eclose_n_fm_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> eclose_n_fm(x,y,z) \ formula" +by (simp add: eclose_n_fm_def) + +lemma sats_eclose_n_fm [simp]: + "[| x \ nat; y < length(env); z < length(env); env \ list(A)|] + ==> sats(A, eclose_n_fm(x,y,z), env) \ + is_eclose_n(##A, nth(x,env), nth(y,env), nth(z,env))" +apply (frule_tac x=z in lt_length_in_nat, assumption) +apply (frule_tac x=y in lt_length_in_nat, assumption) +apply (simp add: eclose_n_fm_def is_eclose_n_def + sats_is_iterates_fm) +done + +lemma eclose_n_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j < length(env); k < length(env); env \ list(A)|] + ==> is_eclose_n(##A, x, y, z) \ sats(A, eclose_n_fm(i,j,k), env)" +by (simp) + +theorem eclose_n_reflection: + "REFLECTS[\x. is_eclose_n(L, f(x), g(x), h(x)), + \i x. is_eclose_n(##Lset(i), f(x), g(x), h(x))]" +apply (simp only: is_eclose_n_def) +apply (intro FOL_reflections function_reflections is_iterates_reflection) +done + + +subsubsection\Membership in \<^term>\eclose(A)\\ + +(* mem_eclose(M,A,l) == + \n[M]. \eclosen[M]. + finite_ordinal(M,n) & is_eclose_n(M,A,n,eclosen) & l \ eclosen *) +definition + mem_eclose_fm :: "[i,i]=>i" where + "mem_eclose_fm(x,y) == + Exists(Exists( + And(finite_ordinal_fm(1), + And(eclose_n_fm(x#+2,1,0), Member(y#+2,0)))))" + +lemma mem_eclose_type [TC]: + "[| x \ nat; y \ nat |] ==> mem_eclose_fm(x,y) \ formula" +by (simp add: mem_eclose_fm_def) + +lemma sats_mem_eclose_fm [simp]: + "[| x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, mem_eclose_fm(x,y), env) \ mem_eclose(##A, nth(x,env), nth(y,env))" +by (simp add: mem_eclose_fm_def mem_eclose_def) + +lemma mem_eclose_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> mem_eclose(##A, x, y) \ sats(A, mem_eclose_fm(i,j), env)" +by simp + +theorem mem_eclose_reflection: + "REFLECTS[\x. mem_eclose(L,f(x),g(x)), + \i x. mem_eclose(##Lset(i),f(x),g(x))]" +apply (simp only: mem_eclose_def) +apply (intro FOL_reflections finite_ordinal_reflection eclose_n_reflection) +done + + +subsubsection\The Predicate ``Is \<^term>\eclose(A)\''\ + +(* is_eclose(M,A,Z) == \l[M]. l \ Z \ mem_eclose(M,A,l) *) +definition + is_eclose_fm :: "[i,i]=>i" where + "is_eclose_fm(A,Z) == + Forall(Iff(Member(0,succ(Z)), mem_eclose_fm(succ(A),0)))" + +lemma is_eclose_type [TC]: + "[| x \ nat; y \ nat |] ==> is_eclose_fm(x,y) \ formula" +by (simp add: is_eclose_fm_def) + +lemma sats_is_eclose_fm [simp]: + "[| x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, is_eclose_fm(x,y), env) \ is_eclose(##A, nth(x,env), nth(y,env))" +by (simp add: is_eclose_fm_def is_eclose_def) + +lemma is_eclose_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> is_eclose(##A, x, y) \ sats(A, is_eclose_fm(i,j), env)" +by simp + +theorem is_eclose_reflection: + "REFLECTS[\x. is_eclose(L,f(x),g(x)), + \i x. is_eclose(##Lset(i),f(x),g(x))]" +apply (simp only: is_eclose_def) +apply (intro FOL_reflections mem_eclose_reflection) +done + + +subsubsection\The List Functor, Internalized\ + +definition + list_functor_fm :: "[i,i,i]=>i" where +(* "is_list_functor(M,A,X,Z) == + \n1[M]. \AX[M]. + number1(M,n1) & cartprod(M,A,X,AX) & is_sum(M,n1,AX,Z)" *) + "list_functor_fm(A,X,Z) == + Exists(Exists( + And(number1_fm(1), + And(cartprod_fm(A#+2,X#+2,0), sum_fm(1,0,Z#+2)))))" + +lemma list_functor_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> list_functor_fm(x,y,z) \ formula" +by (simp add: list_functor_fm_def) + +lemma sats_list_functor_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, list_functor_fm(x,y,z), env) \ + is_list_functor(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: list_functor_fm_def is_list_functor_def) + +lemma list_functor_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> is_list_functor(##A, x, y, z) \ sats(A, list_functor_fm(i,j,k), env)" +by simp + +theorem list_functor_reflection: + "REFLECTS[\x. is_list_functor(L,f(x),g(x),h(x)), + \i x. is_list_functor(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: is_list_functor_def) +apply (intro FOL_reflections number1_reflection + cartprod_reflection sum_reflection) +done + + +subsubsection\The Formula \<^term>\is_list_N\, Internalized\ + +(* "is_list_N(M,A,n,Z) == + \zero[M]. empty(M,zero) & + is_iterates(M, is_list_functor(M,A), zero, n, Z)" *) + +definition + list_N_fm :: "[i,i,i]=>i" where + "list_N_fm(A,n,Z) == + Exists( + And(empty_fm(0), + is_iterates_fm(list_functor_fm(A#+9#+3,1,0), 0, n#+1, Z#+1)))" + +lemma list_N_fm_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> list_N_fm(x,y,z) \ formula" +by (simp add: list_N_fm_def) + +lemma sats_list_N_fm [simp]: + "[| x \ nat; y < length(env); z < length(env); env \ list(A)|] + ==> sats(A, list_N_fm(x,y,z), env) \ + is_list_N(##A, nth(x,env), nth(y,env), nth(z,env))" +apply (frule_tac x=z in lt_length_in_nat, assumption) +apply (frule_tac x=y in lt_length_in_nat, assumption) +apply (simp add: list_N_fm_def is_list_N_def sats_is_iterates_fm) +done + +lemma list_N_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j < length(env); k < length(env); env \ list(A)|] + ==> is_list_N(##A, x, y, z) \ sats(A, list_N_fm(i,j,k), env)" +by (simp) + +theorem list_N_reflection: + "REFLECTS[\x. is_list_N(L, f(x), g(x), h(x)), + \i x. is_list_N(##Lset(i), f(x), g(x), h(x))]" +apply (simp only: is_list_N_def) +apply (intro FOL_reflections function_reflections + is_iterates_reflection list_functor_reflection) +done + + + +subsubsection\The Predicate ``Is A List''\ + +(* mem_list(M,A,l) == + \n[M]. \listn[M]. + finite_ordinal(M,n) & is_list_N(M,A,n,listn) & l \ listn *) +definition + mem_list_fm :: "[i,i]=>i" where + "mem_list_fm(x,y) == + Exists(Exists( + And(finite_ordinal_fm(1), + And(list_N_fm(x#+2,1,0), Member(y#+2,0)))))" + +lemma mem_list_type [TC]: + "[| x \ nat; y \ nat |] ==> mem_list_fm(x,y) \ formula" +by (simp add: mem_list_fm_def) + +lemma sats_mem_list_fm [simp]: + "[| x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, mem_list_fm(x,y), env) \ mem_list(##A, nth(x,env), nth(y,env))" +by (simp add: mem_list_fm_def mem_list_def) + +lemma mem_list_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> mem_list(##A, x, y) \ sats(A, mem_list_fm(i,j), env)" +by simp + +theorem mem_list_reflection: + "REFLECTS[\x. mem_list(L,f(x),g(x)), + \i x. mem_list(##Lset(i),f(x),g(x))]" +apply (simp only: mem_list_def) +apply (intro FOL_reflections finite_ordinal_reflection list_N_reflection) +done + + +subsubsection\The Predicate ``Is \<^term>\list(A)\''\ + +(* is_list(M,A,Z) == \l[M]. l \ Z \ mem_list(M,A,l) *) +definition + is_list_fm :: "[i,i]=>i" where + "is_list_fm(A,Z) == + Forall(Iff(Member(0,succ(Z)), mem_list_fm(succ(A),0)))" + +lemma is_list_type [TC]: + "[| x \ nat; y \ nat |] ==> is_list_fm(x,y) \ formula" +by (simp add: is_list_fm_def) + +lemma sats_is_list_fm [simp]: + "[| x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, is_list_fm(x,y), env) \ is_list(##A, nth(x,env), nth(y,env))" +by (simp add: is_list_fm_def is_list_def) + +lemma is_list_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> is_list(##A, x, y) \ sats(A, is_list_fm(i,j), env)" +by simp + +theorem is_list_reflection: + "REFLECTS[\x. is_list(L,f(x),g(x)), + \i x. is_list(##Lset(i),f(x),g(x))]" +apply (simp only: is_list_def) +apply (intro FOL_reflections mem_list_reflection) +done + + +subsubsection\The Formula Functor, Internalized\ + +definition formula_functor_fm :: "[i,i]=>i" where +(* "is_formula_functor(M,X,Z) == + \nat'[M]. \natnat[M]. \natnatsum[M]. \XX[M]. \X3[M]. + 4 3 2 1 0 + omega(M,nat') & cartprod(M,nat',nat',natnat) & + is_sum(M,natnat,natnat,natnatsum) & + cartprod(M,X,X,XX) & is_sum(M,XX,X,X3) & + is_sum(M,natnatsum,X3,Z)" *) + "formula_functor_fm(X,Z) == + Exists(Exists(Exists(Exists(Exists( + And(omega_fm(4), + And(cartprod_fm(4,4,3), + And(sum_fm(3,3,2), + And(cartprod_fm(X#+5,X#+5,1), + And(sum_fm(1,X#+5,0), sum_fm(2,0,Z#+5)))))))))))" + +lemma formula_functor_type [TC]: + "[| x \ nat; y \ nat |] ==> formula_functor_fm(x,y) \ formula" +by (simp add: formula_functor_fm_def) + +lemma sats_formula_functor_fm [simp]: + "[| x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, formula_functor_fm(x,y), env) \ + is_formula_functor(##A, nth(x,env), nth(y,env))" +by (simp add: formula_functor_fm_def is_formula_functor_def) + +lemma formula_functor_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> is_formula_functor(##A, x, y) \ sats(A, formula_functor_fm(i,j), env)" +by simp + +theorem formula_functor_reflection: + "REFLECTS[\x. is_formula_functor(L,f(x),g(x)), + \i x. is_formula_functor(##Lset(i),f(x),g(x))]" +apply (simp only: is_formula_functor_def) +apply (intro FOL_reflections omega_reflection + cartprod_reflection sum_reflection) +done + + +subsubsection\The Formula \<^term>\is_formula_N\, Internalized\ + +(* "is_formula_N(M,n,Z) == + \zero[M]. empty(M,zero) & + is_iterates(M, is_formula_functor(M), zero, n, Z)" *) +definition + formula_N_fm :: "[i,i]=>i" where + "formula_N_fm(n,Z) == + Exists( + And(empty_fm(0), + is_iterates_fm(formula_functor_fm(1,0), 0, n#+1, Z#+1)))" + +lemma formula_N_fm_type [TC]: + "[| x \ nat; y \ nat |] ==> formula_N_fm(x,y) \ formula" +by (simp add: formula_N_fm_def) + +lemma sats_formula_N_fm [simp]: + "[| x < length(env); y < length(env); env \ list(A)|] + ==> sats(A, formula_N_fm(x,y), env) \ + is_formula_N(##A, nth(x,env), nth(y,env))" +apply (frule_tac x=y in lt_length_in_nat, assumption) +apply (frule lt_length_in_nat, assumption) +apply (simp add: formula_N_fm_def is_formula_N_def sats_is_iterates_fm) +done + +lemma formula_N_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i < length(env); j < length(env); env \ list(A)|] + ==> is_formula_N(##A, x, y) \ sats(A, formula_N_fm(i,j), env)" +by (simp) + +theorem formula_N_reflection: + "REFLECTS[\x. is_formula_N(L, f(x), g(x)), + \i x. is_formula_N(##Lset(i), f(x), g(x))]" +apply (simp only: is_formula_N_def) +apply (intro FOL_reflections function_reflections + is_iterates_reflection formula_functor_reflection) +done + + + +subsubsection\The Predicate ``Is A Formula''\ + +(* mem_formula(M,p) == + \n[M]. \formn[M]. + finite_ordinal(M,n) & is_formula_N(M,n,formn) & p \ formn *) +definition + mem_formula_fm :: "i=>i" where + "mem_formula_fm(x) == + Exists(Exists( + And(finite_ordinal_fm(1), + And(formula_N_fm(1,0), Member(x#+2,0)))))" + +lemma mem_formula_type [TC]: + "x \ nat ==> mem_formula_fm(x) \ formula" +by (simp add: mem_formula_fm_def) + +lemma sats_mem_formula_fm [simp]: + "[| x \ nat; env \ list(A)|] + ==> sats(A, mem_formula_fm(x), env) \ mem_formula(##A, nth(x,env))" +by (simp add: mem_formula_fm_def mem_formula_def) + +lemma mem_formula_iff_sats: + "[| nth(i,env) = x; i \ nat; env \ list(A)|] + ==> mem_formula(##A, x) \ sats(A, mem_formula_fm(i), env)" +by simp + +theorem mem_formula_reflection: + "REFLECTS[\x. mem_formula(L,f(x)), + \i x. mem_formula(##Lset(i),f(x))]" +apply (simp only: mem_formula_def) +apply (intro FOL_reflections finite_ordinal_reflection formula_N_reflection) +done + + + +subsubsection\The Predicate ``Is \<^term>\formula\''\ + +(* is_formula(M,Z) == \p[M]. p \ Z \ mem_formula(M,p) *) +definition + is_formula_fm :: "i=>i" where + "is_formula_fm(Z) == Forall(Iff(Member(0,succ(Z)), mem_formula_fm(0)))" + +lemma is_formula_type [TC]: + "x \ nat ==> is_formula_fm(x) \ formula" +by (simp add: is_formula_fm_def) + +lemma sats_is_formula_fm [simp]: + "[| x \ nat; env \ list(A)|] + ==> sats(A, is_formula_fm(x), env) \ is_formula(##A, nth(x,env))" +by (simp add: is_formula_fm_def is_formula_def) + +lemma is_formula_iff_sats: + "[| nth(i,env) = x; i \ nat; env \ list(A)|] + ==> is_formula(##A, x) \ sats(A, is_formula_fm(i), env)" +by simp + +theorem is_formula_reflection: + "REFLECTS[\x. is_formula(L,f(x)), + \i x. is_formula(##Lset(i),f(x))]" +apply (simp only: is_formula_def) +apply (intro FOL_reflections mem_formula_reflection) +done + + +subsubsection\The Operator \<^term>\is_transrec\\ + +text\The three arguments of \<^term>\p\ are always 2, 1, 0. It is buried + within eight quantifiers! + We call \<^term>\p\ with arguments a, f, z by equating them with + the corresponding quantified variables with de Bruijn indices 2, 1, 0.\ + +(* is_transrec :: "[i=>o, [i,i,i]=>o, i, i] => o" + "is_transrec(M,MH,a,z) == + \sa[M]. \esa[M]. \mesa[M]. + 2 1 0 + upair(M,a,a,sa) & is_eclose(M,sa,esa) & membership(M,esa,mesa) & + is_wfrec(M,MH,mesa,a,z)" *) +definition + is_transrec_fm :: "[i, i, i]=>i" where + "is_transrec_fm(p,a,z) == + Exists(Exists(Exists( + And(upair_fm(a#+3,a#+3,2), + And(is_eclose_fm(2,1), + And(Memrel_fm(1,0), is_wfrec_fm(p,0,a#+3,z#+3)))))))" + + +lemma is_transrec_type [TC]: + "[| p \ formula; x \ nat; z \ nat |] + ==> is_transrec_fm(p,x,z) \ formula" +by (simp add: is_transrec_fm_def) + +lemma sats_is_transrec_fm: + assumes MH_iff_sats: + "!!a0 a1 a2 a3 a4 a5 a6 a7. + [|a0\A; a1\A; a2\A; a3\A; a4\A; a5\A; a6\A; a7\A|] + ==> MH(a2, a1, a0) \ + sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3, + Cons(a4,Cons(a5,Cons(a6,Cons(a7,env)))))))))" + shows + "[|x < length(env); z < length(env); env \ list(A)|] + ==> sats(A, is_transrec_fm(p,x,z), env) \ + is_transrec(##A, MH, nth(x,env), nth(z,env))" +apply (frule_tac x=z in lt_length_in_nat, assumption) +apply (frule_tac x=x in lt_length_in_nat, assumption) +apply (simp add: is_transrec_fm_def sats_is_wfrec_fm is_transrec_def MH_iff_sats [THEN iff_sym]) +done + + +lemma is_transrec_iff_sats: + assumes MH_iff_sats: + "!!a0 a1 a2 a3 a4 a5 a6 a7. + [|a0\A; a1\A; a2\A; a3\A; a4\A; a5\A; a6\A; a7\A|] + ==> MH(a2, a1, a0) \ + sats(A, p, Cons(a0,Cons(a1,Cons(a2,Cons(a3, + Cons(a4,Cons(a5,Cons(a6,Cons(a7,env)))))))))" + shows + "[|nth(i,env) = x; nth(k,env) = z; + i < length(env); k < length(env); env \ list(A)|] + ==> is_transrec(##A, MH, x, z) \ sats(A, is_transrec_fm(p,i,k), env)" +by (simp add: sats_is_transrec_fm [OF MH_iff_sats]) + +theorem is_transrec_reflection: + assumes MH_reflection: + "!!f' f g h. REFLECTS[\x. MH(L, f'(x), f(x), g(x), h(x)), + \i x. MH(##Lset(i), f'(x), f(x), g(x), h(x))]" + shows "REFLECTS[\x. is_transrec(L, MH(L,x), f(x), h(x)), + \i x. is_transrec(##Lset(i), MH(##Lset(i),x), f(x), h(x))]" +apply (simp (no_asm_use) only: is_transrec_def) +apply (intro FOL_reflections function_reflections MH_reflection + is_wfrec_reflection is_eclose_reflection) +done + +end diff --git a/thys/Transitive_Models/Rec_Separation.thy b/thys/Transitive_Models/Rec_Separation.thy new file mode 100644 --- /dev/null +++ b/thys/Transitive_Models/Rec_Separation.thy @@ -0,0 +1,440 @@ +(* Title: ZF/Constructible/Rec_Separation.thy + Author: Lawrence C Paulson, Cambridge University Computer Laboratory +*) + +section \Separation for Facts About Recursion\ + +theory Rec_Separation imports "ZF-Constructible.Separation" Internalize Datatype_absolute begin + +text\This theory proves all instances needed for locales \M_trancl\ and \M_datatypes\\ + +lemma eq_succ_imp_lt: "[|i = succ(j); Ord(i)|] ==> jThe Locale \M_trancl\\ + +subsubsection\Separation for Reflexive/Transitive Closure\ + +text\First, The Defining Formula\ + +(* "rtran_closure_mem(M,A,r,p) == + \nnat[M]. \n[M]. \n'[M]. + omega(M,nnat) & n\nnat & successor(M,n,n') & + (\f[M]. typed_function(M,n',A,f) & + (\x[M]. \y[M]. \zero[M]. pair(M,x,y,p) & empty(M,zero) & + fun_apply(M,f,zero,x) & fun_apply(M,f,n,y)) & + (\j[M]. j\n \ + (\fj[M]. \sj[M]. \fsj[M]. \ffp[M]. + fun_apply(M,f,j,fj) & successor(M,j,sj) & + fun_apply(M,f,sj,fsj) & pair(M,fj,fsj,ffp) & ffp \ r)))"*) +definition + rtran_closure_mem_fm :: "[i,i,i]=>i" where + "rtran_closure_mem_fm(A,r,p) == + Exists(Exists(Exists( + And(omega_fm(2), + And(Member(1,2), + And(succ_fm(1,0), + Exists(And(typed_function_fm(1, A#+4, 0), + And(Exists(Exists(Exists( + And(pair_fm(2,1,p#+7), + And(empty_fm(0), + And(fun_apply_fm(3,0,2), fun_apply_fm(3,5,1))))))), + Forall(Implies(Member(0,3), + Exists(Exists(Exists(Exists( + And(fun_apply_fm(5,4,3), + And(succ_fm(4,2), + And(fun_apply_fm(5,2,1), + And(pair_fm(3,1,0), Member(0,r#+9))))))))))))))))))))" + + +lemma rtran_closure_mem_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> rtran_closure_mem_fm(x,y,z) \ formula" +by (simp add: rtran_closure_mem_fm_def) + +lemma sats_rtran_closure_mem_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, rtran_closure_mem_fm(x,y,z), env) \ + rtran_closure_mem(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: rtran_closure_mem_fm_def rtran_closure_mem_def) + +lemma rtran_closure_mem_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> rtran_closure_mem(##A, x, y, z) \ sats(A, rtran_closure_mem_fm(i,j,k), env)" +by (simp) + +lemma rtran_closure_mem_reflection: + "REFLECTS[\x. rtran_closure_mem(L,f(x),g(x),h(x)), + \i x. rtran_closure_mem(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: rtran_closure_mem_def) +apply (intro FOL_reflections function_reflections fun_plus_reflections) +done + +text\Separation for \<^term>\rtrancl(r)\.\ +lemma rtrancl_separation: + "[| L(r); L(A) |] ==> separation (L, rtran_closure_mem(L,A,r))" +apply (rule gen_separation_multi [OF rtran_closure_mem_reflection, of "{r,A}"], + auto) +apply (rule_tac env="[r,A]" in DPow_LsetI) +apply (rule rtran_closure_mem_iff_sats sep_rules | simp)+ +done + + +subsubsection\Reflexive/Transitive Closure, Internalized\ + +(* "rtran_closure(M,r,s) == + \A[M]. is_field(M,r,A) \ + (\p[M]. p \ s \ rtran_closure_mem(M,A,r,p))" *) +definition + rtran_closure_fm :: "[i,i]=>i" where + "rtran_closure_fm(r,s) == + Forall(Implies(field_fm(succ(r),0), + Forall(Iff(Member(0,succ(succ(s))), + rtran_closure_mem_fm(1,succ(succ(r)),0)))))" + +lemma rtran_closure_type [TC]: + "[| x \ nat; y \ nat |] ==> rtran_closure_fm(x,y) \ formula" +by (simp add: rtran_closure_fm_def) + +lemma sats_rtran_closure_fm [simp]: + "[| x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, rtran_closure_fm(x,y), env) \ + rtran_closure(##A, nth(x,env), nth(y,env))" +by (simp add: rtran_closure_fm_def rtran_closure_def) + +lemma rtran_closure_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> rtran_closure(##A, x, y) \ sats(A, rtran_closure_fm(i,j), env)" +by simp + +theorem rtran_closure_reflection: + "REFLECTS[\x. rtran_closure(L,f(x),g(x)), + \i x. rtran_closure(##Lset(i),f(x),g(x))]" +apply (simp only: rtran_closure_def) +apply (intro FOL_reflections function_reflections rtran_closure_mem_reflection) +done + + +subsubsection\Transitive Closure of a Relation, Internalized\ + +(* "tran_closure(M,r,t) == + \s[M]. rtran_closure(M,r,s) & composition(M,r,s,t)" *) +definition + tran_closure_fm :: "[i,i]=>i" where + "tran_closure_fm(r,s) == + Exists(And(rtran_closure_fm(succ(r),0), composition_fm(succ(r),0,succ(s))))" + +lemma tran_closure_type [TC]: + "[| x \ nat; y \ nat |] ==> tran_closure_fm(x,y) \ formula" +by (simp add: tran_closure_fm_def) + +lemma sats_tran_closure_fm [simp]: + "[| x \ nat; y \ nat; env \ list(A)|] + ==> sats(A, tran_closure_fm(x,y), env) \ + tran_closure(##A, nth(x,env), nth(y,env))" +by (simp add: tran_closure_fm_def tran_closure_def) + +lemma tran_closure_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j \ nat; env \ list(A)|] + ==> tran_closure(##A, x, y) \ sats(A, tran_closure_fm(i,j), env)" +by simp + +theorem tran_closure_reflection: + "REFLECTS[\x. tran_closure(L,f(x),g(x)), + \i x. tran_closure(##Lset(i),f(x),g(x))]" +apply (simp only: tran_closure_def) +apply (intro FOL_reflections function_reflections + rtran_closure_reflection composition_reflection) +done + + +subsubsection\Separation for the Proof of \wellfounded_on_trancl\\ + +lemma wellfounded_trancl_reflects: + "REFLECTS[\x. \w[L]. \wx[L]. \rp[L]. + w \ Z & pair(L,w,x,wx) & tran_closure(L,r,rp) & wx \ rp, + \i x. \w \ Lset(i). \wx \ Lset(i). \rp \ Lset(i). + w \ Z & pair(##Lset(i),w,x,wx) & tran_closure(##Lset(i),r,rp) & + wx \ rp]" +by (intro FOL_reflections function_reflections fun_plus_reflections + tran_closure_reflection) + +lemma wellfounded_trancl_separation: + "[| L(r); L(Z) |] ==> + separation (L, \x. + \w[L]. \wx[L]. \rp[L]. + w \ Z & pair(L,w,x,wx) & tran_closure(L,r,rp) & wx \ rp)" +apply (rule gen_separation_multi [OF wellfounded_trancl_reflects, of "{r,Z}"], + auto) +apply (rule_tac env="[r,Z]" in DPow_LsetI) +apply (rule sep_rules tran_closure_iff_sats | simp)+ +done + + +subsubsection\Instantiating the locale \M_trancl\\ + +lemma M_trancl_axioms_L: "M_trancl_axioms(L)" + apply (rule M_trancl_axioms.intro) + apply (assumption | rule rtrancl_separation wellfounded_trancl_separation L_nat)+ + done + +theorem M_trancl_L: "M_trancl(L)" +by (rule M_trancl.intro [OF M_basic_L M_trancl_axioms_L]) + +interpretation L: M_trancl L by (rule M_trancl_L) + + +subsection\\<^term>\L\ is Closed Under the Operator \<^term>\list\\ + +subsubsection\Instances of Replacement for Lists\ + +lemma list_replacement1_Reflects: + "REFLECTS + [\x. \u[L]. u \ B \ (\y[L]. pair(L,u,y,x) \ + is_wfrec(L, iterates_MH(L, is_list_functor(L,A), 0), memsn, u, y)), + \i x. \u \ Lset(i). u \ B \ (\y \ Lset(i). pair(##Lset(i), u, y, x) \ + is_wfrec(##Lset(i), + iterates_MH(##Lset(i), + is_list_functor(##Lset(i), A), 0), memsn, u, y))]" +by (intro FOL_reflections function_reflections is_wfrec_reflection + iterates_MH_reflection list_functor_reflection) + + +lemma list_replacement1: + "L(A) ==> iterates_replacement(L, is_list_functor(L,A), 0)" +apply (unfold iterates_replacement_def wfrec_replacement_def, clarify) +apply (rule strong_replacementI) +apply (rule_tac u="{B,A,n,0,Memrel(succ(n))}" + in gen_separation_multi [OF list_replacement1_Reflects], + auto) +apply (rule_tac env="[B,A,n,0,Memrel(succ(n))]" in DPow_LsetI) +apply (rule sep_rules is_nat_case_iff_sats list_functor_iff_sats + is_wfrec_iff_sats iterates_MH_iff_sats quasinat_iff_sats | simp)+ +done + + +lemma list_replacement2_Reflects: + "REFLECTS + [\x. \u[L]. u \ B & u \ nat & + is_iterates(L, is_list_functor(L, A), 0, u, x), + \i x. \u \ Lset(i). u \ B & u \ nat & + is_iterates(##Lset(i), is_list_functor(##Lset(i), A), 0, u, x)]" +by (intro FOL_reflections + is_iterates_reflection list_functor_reflection) + +lemma list_replacement2: + "L(A) ==> strong_replacement(L, + \n y. n\nat & is_iterates(L, is_list_functor(L,A), 0, n, y))" +apply (rule strong_replacementI) +apply (rule_tac u="{A,B,0,nat}" + in gen_separation_multi [OF list_replacement2_Reflects], + auto) +apply (rule_tac env="[A,B,0,nat]" in DPow_LsetI) +apply (rule sep_rules list_functor_iff_sats is_iterates_iff_sats | simp)+ +done + + +subsection\\<^term>\L\ is Closed Under the Operator \<^term>\formula\\ + +subsubsection\Instances of Replacement for Formulas\ + +(*FIXME: could prove a lemma iterates_replacementI to eliminate the +need to expand iterates_replacement and wfrec_replacement*) +lemma formula_replacement1_Reflects: + "REFLECTS + [\x. \u[L]. u \ B & (\y[L]. pair(L,u,y,x) & + is_wfrec(L, iterates_MH(L, is_formula_functor(L), 0), memsn, u, y)), + \i x. \u \ Lset(i). u \ B & (\y \ Lset(i). pair(##Lset(i), u, y, x) & + is_wfrec(##Lset(i), + iterates_MH(##Lset(i), + is_formula_functor(##Lset(i)), 0), memsn, u, y))]" +by (intro FOL_reflections function_reflections is_wfrec_reflection + iterates_MH_reflection formula_functor_reflection) + +lemma formula_replacement1: + "iterates_replacement(L, is_formula_functor(L), 0)" +apply (unfold iterates_replacement_def wfrec_replacement_def, clarify) +apply (rule strong_replacementI) +apply (rule_tac u="{B,n,0,Memrel(succ(n))}" + in gen_separation_multi [OF formula_replacement1_Reflects], + auto) +apply (rule_tac env="[n,B,0,Memrel(succ(n))]" in DPow_LsetI) +apply (rule sep_rules is_nat_case_iff_sats formula_functor_iff_sats + is_wfrec_iff_sats iterates_MH_iff_sats quasinat_iff_sats | simp)+ +done + +lemma formula_replacement2_Reflects: + "REFLECTS + [\x. \u[L]. u \ B & u \ nat & + is_iterates(L, is_formula_functor(L), 0, u, x), + \i x. \u \ Lset(i). u \ B & u \ nat & + is_iterates(##Lset(i), is_formula_functor(##Lset(i)), 0, u, x)]" +by (intro FOL_reflections + is_iterates_reflection formula_functor_reflection) + +lemma formula_replacement2: + "strong_replacement(L, + \n y. n\nat & is_iterates(L, is_formula_functor(L), 0, n, y))" +apply (rule strong_replacementI) +apply (rule_tac u="{B,0,nat}" + in gen_separation_multi [OF formula_replacement2_Reflects], + auto) +apply (rule_tac env="[B,0,nat]" in DPow_LsetI) +apply (rule sep_rules formula_functor_iff_sats is_iterates_iff_sats | simp)+ +done + +text\NB The proofs for type \<^term>\formula\ are virtually identical to those +for \<^term>\list(A)\. It was a cut-and-paste job!\ + + +subsubsection\The Formula \<^term>\is_nth\, Internalized\ + +(* "is_nth(M,n,l,Z) == + \X[M]. is_iterates(M, is_tl(M), l, n, X) & is_hd(M,X,Z)" *) +definition + nth_fm :: "[i,i,i]=>i" where + "nth_fm(n,l,Z) == + Exists(And(is_iterates_fm(tl_fm(1,0), succ(l), succ(n), 0), + hd_fm(0,succ(Z))))" + +lemma nth_fm_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> nth_fm(x,y,z) \ formula" +by (simp add: nth_fm_def) + +lemma sats_nth_fm [simp]: + "[| x < length(env); y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, nth_fm(x,y,z), env) \ + is_nth(##A, nth(x,env), nth(y,env), nth(z,env))" +apply (frule lt_length_in_nat, assumption) +apply (simp add: nth_fm_def is_nth_def sats_is_iterates_fm) +done + +lemma nth_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i < length(env); j \ nat; k \ nat; env \ list(A)|] + ==> is_nth(##A, x, y, z) \ sats(A, nth_fm(i,j,k), env)" +by (simp) + +theorem nth_reflection: + "REFLECTS[\x. is_nth(L, f(x), g(x), h(x)), + \i x. is_nth(##Lset(i), f(x), g(x), h(x))]" +apply (simp only: is_nth_def) +apply (intro FOL_reflections is_iterates_reflection + hd_reflection tl_reflection) +done + + +subsubsection\An Instance of Replacement for \<^term>\nth\\ + +(*FIXME: could prove a lemma iterates_replacementI to eliminate the +need to expand iterates_replacement and wfrec_replacement*) +lemma nth_replacement_Reflects: + "REFLECTS + [\x. \u[L]. u \ B & (\y[L]. pair(L,u,y,x) & + is_wfrec(L, iterates_MH(L, is_tl(L), z), memsn, u, y)), + \i x. \u \ Lset(i). u \ B & (\y \ Lset(i). pair(##Lset(i), u, y, x) & + is_wfrec(##Lset(i), + iterates_MH(##Lset(i), + is_tl(##Lset(i)), z), memsn, u, y))]" +by (intro FOL_reflections function_reflections is_wfrec_reflection + iterates_MH_reflection tl_reflection) + +lemma nth_replacement: + "L(w) ==> iterates_replacement(L, is_tl(L), w)" +apply (unfold iterates_replacement_def wfrec_replacement_def, clarify) +apply (rule strong_replacementI) +apply (rule_tac u="{B,w,Memrel(succ(n))}" + in gen_separation_multi [OF nth_replacement_Reflects], + auto) +apply (rule_tac env="[B,w,Memrel(succ(n))]" in DPow_LsetI) +apply (rule sep_rules is_nat_case_iff_sats tl_iff_sats + is_wfrec_iff_sats iterates_MH_iff_sats quasinat_iff_sats | simp)+ +done + + +subsubsection\Instantiating the locale \M_datatypes\\ + +lemma M_datatypes_axioms_L: "M_datatypes_axioms(L)" + apply (rule M_datatypes_axioms.intro) + apply (assumption | rule + list_replacement1 list_replacement2 + formula_replacement1 formula_replacement2 + nth_replacement)+ + done + +theorem M_datatypes_L: "M_datatypes(L)" + apply (rule M_datatypes.intro) + apply (rule M_trancl_L) + apply (rule M_datatypes_axioms_L) + done + +interpretation L: M_datatypes L by (rule M_datatypes_L) + + +subsection\\<^term>\L\ is Closed Under the Operator \<^term>\eclose\\ + +subsubsection\Instances of Replacement for \<^term>\eclose\\ + +lemma eclose_replacement1_Reflects: + "REFLECTS + [\x. \u[L]. u \ B & (\y[L]. pair(L,u,y,x) & + is_wfrec(L, iterates_MH(L, big_union(L), A), memsn, u, y)), + \i x. \u \ Lset(i). u \ B & (\y \ Lset(i). pair(##Lset(i), u, y, x) & + is_wfrec(##Lset(i), + iterates_MH(##Lset(i), big_union(##Lset(i)), A), + memsn, u, y))]" +by (intro FOL_reflections function_reflections is_wfrec_reflection + iterates_MH_reflection) + +lemma eclose_replacement1: + "L(A) ==> iterates_replacement(L, big_union(L), A)" +apply (unfold iterates_replacement_def wfrec_replacement_def, clarify) +apply (rule strong_replacementI) +apply (rule_tac u="{B,A,n,Memrel(succ(n))}" + in gen_separation_multi [OF eclose_replacement1_Reflects], auto) +apply (rule_tac env="[B,A,n,Memrel(succ(n))]" in DPow_LsetI) +apply (rule sep_rules iterates_MH_iff_sats is_nat_case_iff_sats + is_wfrec_iff_sats big_union_iff_sats quasinat_iff_sats | simp)+ +done + + +lemma eclose_replacement2_Reflects: + "REFLECTS + [\x. \u[L]. u \ B & u \ nat & + is_iterates(L, big_union(L), A, u, x), + \i x. \u \ Lset(i). u \ B & u \ nat & + is_iterates(##Lset(i), big_union(##Lset(i)), A, u, x)]" +by (intro FOL_reflections function_reflections is_iterates_reflection) + +lemma eclose_replacement2: + "L(A) ==> strong_replacement(L, + \n y. n\nat & is_iterates(L, big_union(L), A, n, y))" +apply (rule strong_replacementI) +apply (rule_tac u="{A,B,nat}" + in gen_separation_multi [OF eclose_replacement2_Reflects], + auto) +apply (rule_tac env="[A,B,nat]" in DPow_LsetI) +apply (rule sep_rules is_iterates_iff_sats big_union_iff_sats | simp)+ +done + + +subsubsection\Instantiating the locale \M_eclose\\ + +lemma M_eclose_axioms_L: "M_eclose_axioms(L)" + apply (rule M_eclose_axioms.intro) + apply (assumption | rule eclose_replacement1 eclose_replacement2)+ + done + +theorem M_eclose_L: "M_eclose(L)" + apply (rule M_eclose.intro) + apply (rule M_trancl_L) + apply (rule M_eclose_axioms_L) + done + +interpretation L: M_eclose L by (rule M_eclose_L) + + +end diff --git a/thys/Transitive_Models/Recursion_Thms.thy b/thys/Transitive_Models/Recursion_Thms.thy --- a/thys/Transitive_Models/Recursion_Thms.thy +++ b/thys/Transitive_Models/Recursion_Thms.thy @@ -1,363 +1,363 @@ section\Some enhanced theorems on recursion\ theory Recursion_Thms - imports "ZF-Constructible.Datatype_absolute" + imports "Eclose_Absolute" begin hide_const (open) Order.pred \ \Removing arities from inherited simpset\ declare arity_And [simp del] arity_Or[simp del] arity_Implies[simp del] arity_Exists[simp del] arity_Iff[simp del] arity_subset_fm [simp del] arity_ordinal_fm[simp del] arity_transset_fm[simp del] text\We prove results concerning definitions by well-founded recursion on some relation \<^term>\R\ and its transitive closure \<^term>\R^*\\ lemma fld_restrict_eq : "a \ A \ (r \ A\A)-``{a} = (r-``{a} \ A)" by(force) lemma fld_restrict_mono : "relation(r) \ A \ B \ r \ A\A \ r \ B\B" by(auto) lemma fld_restrict_dom : assumes "relation(r)" "domain(r) \ A" "range(r)\ A" shows "r\ A\A = r" proof (rule equalityI,blast,rule subsetI) { fix x assume xr: "x \ r" from xr assms have "\ a b . x = \a,b\" by (simp add: relation_def) then obtain a b where "\a,b\ \ r" "\a,b\ \ r\A\A" "x \ r\A\A" using assms xr by force then have "x\ r \ A\A" by simp } then show "x \ r \ x\ r\A\A" for x . qed definition tr_down :: "[i,i] \ i" where "tr_down(r,a) = (r^+)-``{a}" lemma tr_downD : "x \ tr_down(r,a) \ \x,a\ \ r^+" by (simp add: tr_down_def vimage_singleton_iff) lemma pred_down : "relation(r) \ r-``{a} \ tr_down(r,a)" by(simp add: tr_down_def vimage_mono r_subset_trancl) lemma tr_down_mono : "relation(r) \ x \ r-``{a} \ tr_down(r,x) \ tr_down(r,a)" by(rule subsetI,simp add:tr_down_def,auto dest: underD,force simp add: underI r_into_trancl trancl_trans) lemma rest_eq : assumes "relation(r)" and "r-``{a} \ B" and "a \ B" shows "r-``{a} = (r\B\B)-``{a}" proof (intro equalityI subsetI) fix x assume "x \ r-``{a}" then have "x \ B" using assms by (simp add: subsetD) from \x\ r-``{a}\ have "\x,a\ \ r" using underD by simp then show "x \ (r\B\B)-``{a}" using \x\B\ \a\B\ underI by simp next from assms show "x \ r -`` {a}" if "x \ (r \ B\B) -`` {a}" for x using vimage_mono that by auto qed lemma wfrec_restr_eq : "r' = r \ A\A \ wfrec[A](r,a,H) = wfrec(r',a,H)" by(simp add:wfrec_on_def) lemma wfrec_restr : assumes rr: "relation(r)" and wfr:"wf(r)" shows "a \ A \ tr_down(r,a) \ A \ wfrec(r,a,H) = wfrec[A](r,a,H)" proof (induct a arbitrary:A rule:wf_induct_raw[OF wfr] ) case (1 a) have wfRa : "wf[A](r)" using wf_subset wfr wf_on_def Int_lower1 by simp from pred_down rr have "r -`` {a} \ tr_down(r, a)" . with 1 have "r-``{a} \ A" by (force simp add: subset_trans) { fix x assume x_a : "x \ r-``{a}" with \r-``{a} \ A\ have "x \ A" .. from pred_down rr have b : "r -``{x} \ tr_down(r,x)" . then have "tr_down(r,x) \ tr_down(r,a)" using tr_down_mono x_a rr by simp with 1 have "tr_down(r,x) \ A" using subset_trans by force have "\x,a\ \ r" using x_a underD by simp with 1 \tr_down(r,x) \ A\ \x \ A\ have "wfrec(r,x,H) = wfrec[A](r,x,H)" by simp } then have "x\ r-``{a} \ wfrec(r,x,H) = wfrec[A](r,x,H)" for x . then have Eq1 :"(\ x \ r-``{a} . wfrec(r,x,H)) = (\ x \ r-``{a} . wfrec[A](r,x,H))" using lam_cong by simp from assms have "wfrec(r,a,H) = H(a,\ x \ r-``{a} . wfrec(r,x,H))" by (simp add:wfrec) also have "... = H(a,\ x \ r-``{a} . wfrec[A](r,x,H))" using assms Eq1 by simp also from 1 \r-``{a} \ A\ have "... = H(a,\ x \ (r\A\A)-``{a} . wfrec[A](r,x,H))" using assms rest_eq by simp also from \a\A\ have "... = H(a,\ x \ (r-``{a})\A . wfrec[A](r,x,H))" using fld_restrict_eq by simp also from \a\A\ \wf[A](r)\ have "... = wfrec[A](r,a,H)" using wfrec_on by simp finally show ?case . qed lemmas wfrec_tr_down = wfrec_restr[OF _ _ _ subset_refl] lemma wfrec_trans_restr : "relation(r) \ wf(r) \ trans(r) \ r-``{a}\A \ a \ A \ wfrec(r, a, H) = wfrec[A](r, a, H)" by(subgoal_tac "tr_down(r,a) \ A",auto simp add : wfrec_restr tr_down_def trancl_eq_r) lemma field_trancl : "field(r^+) = field(r)" by (blast intro: r_into_trancl dest!: trancl_type [THEN subsetD]) definition Rrel :: "[i\i\o,i] \ i" where "Rrel(R,A) \ {z\A\A. \x y. z = \x, y\ \ R(x,y)}" lemma RrelI : "x \ A \ y \ A \ R(x,y) \ \x,y\ \ Rrel(R,A)" unfolding Rrel_def by simp lemma Rrel_mem: "Rrel(mem,x) = Memrel(x)" unfolding Rrel_def Memrel_def .. lemma relation_Rrel: "relation(Rrel(R,d))" unfolding Rrel_def relation_def by simp lemma field_Rrel: "field(Rrel(R,d)) \ d" unfolding Rrel_def by auto lemma Rrel_mono : "A \ B \ Rrel(R,A) \ Rrel(R,B)" unfolding Rrel_def by blast lemma Rrel_restr_eq : "Rrel(R,A) \ B\B = Rrel(R,A\B)" unfolding Rrel_def by blast \ \We obtain this lemmas as a consequence of the previous one; alternatively it can be obtained using @{thm [source] Ordinal.Memrel_type}\ lemma field_Memrel : "field(Memrel(A)) \ A" using Rrel_mem field_Rrel by blast lemma restrict_trancl_Rrel: assumes "R(w,y)" shows "restrict(f,Rrel(R,d)-``{y})`w = restrict(f,(Rrel(R,d)^+)-``{y})`w" proof (cases "y\d") let ?r="Rrel(R,d)" and ?s="(Rrel(R,d))^+" case True show ?thesis proof (cases "w\d") case True with \y\d\ assms have "\w,y\\?r" unfolding Rrel_def by blast then have "\w,y\\?s" using r_subset_trancl[of ?r] relation_Rrel[of R d] by blast with \\w,y\\?r\ have "w\?r-``{y}" "w\?s-``{y}" using vimage_singleton_iff by simp_all then show ?thesis by simp next case False then have "w\domain(restrict(f,?r-``{y}))" using subsetD[OF field_Rrel[of R d]] by auto moreover from \w\d\ have "w\domain(restrict(f,?s-``{y}))" using subsetD[OF field_Rrel[of R d], of w] field_trancl[of ?r] fieldI1[of w y ?s] by auto ultimately have "restrict(f,?r-``{y})`w = 0" "restrict(f,?s-``{y})`w = 0" unfolding apply_def by auto then show ?thesis by simp qed next let ?r="Rrel(R,d)" let ?s="?r^+" case False then have "?r-``{y}=0" unfolding Rrel_def by blast then have "w\?r-``{y}" by simp with \y\d\ assms have "y\field(?s)" using field_trancl subsetD[OF field_Rrel[of R d]] by force then have "w\?s-``{y}" using vimage_singleton_iff by blast with \w\?r-``{y}\ show ?thesis by simp qed lemma restrict_trans_eq: assumes "w \ y" shows "restrict(f,Memrel(eclose({x}))-``{y})`w = restrict(f,(Memrel(eclose({x}))^+)-``{y})`w" using assms restrict_trancl_Rrel[of mem ] Rrel_mem by (simp) lemma wf_eq_trancl: assumes "\ f y . H(y,restrict(f,R-``{y})) = H(y,restrict(f,R^+-``{y}))" shows "wfrec(R, x, H) = wfrec(R^+, x, H)" (is "wfrec(?r,_,_) = wfrec(?r',_,_)") proof - have "wfrec(R, x, H) = wftrec(?r^+, x, \y f. H(y, restrict(f,?r-``{y})))" unfolding wfrec_def .. also have " ... = wftrec(?r^+, x, \y f. H(y, restrict(f,(?r^+)-``{y})))" using assms by simp also have " ... = wfrec(?r^+, x, H)" unfolding wfrec_def using trancl_eq_r[OF relation_trancl trans_trancl] by simp finally show ?thesis . qed lemma transrec_equal_on_Ord: assumes "\x f . Ord(x) \ foo(x,f) = bar(x,f)" "Ord(\)" shows "transrec(\, foo) = transrec(\, bar)" proof - have "transrec(\,foo) = transrec(\,bar)" if "Ord(\)" for \ using that proof (induct rule:trans_induct) case (step \) have "transrec(\, foo) = foo(\, \x\\. transrec(x, foo))" using def_transrec[of "\x. transrec(x, foo)" foo] by blast also from assms and step have " \ = bar(\, \x\\. transrec(x, foo))" by simp also from step have " \ = bar(\, \x\\. transrec(x, bar))" by (auto) also have " \ = transrec(\, bar)" using def_transrec[of "\x. transrec(x, bar)" bar, symmetric] by blast finally show "transrec(\, foo) = transrec(\, bar)" . qed with assms show ?thesis by simp qed \ \Next theorem is very similar to @{thm [source] transrec_equal_on_Ord}\ lemma (in M_eclose) transrec_equal_on_M: assumes "\x f . M(x) \ M(f) \ foo(x,f) = bar(x,f)" "\\. M(\) \ transrec_replacement(M,is_foo,\)" "relation2(M,is_foo,foo)" "strong_replacement(M, \x y. y = \x, transrec(x, foo)\)" "\x[M]. \g[M]. function(g) \ M(foo(x,g))" "M(\)" "Ord(\)" shows "transrec(\, foo) = transrec(\, bar)" proof - have "M(transrec(x, foo))" if "Ord(x)" and "M(x)" for x using that assms transrec_closed[of is_foo] by simp have "transrec(\,foo) = transrec(\,bar)" "M(transrec(\,foo))" if "Ord(\)" "M(\)" for \ using that proof (induct rule:trans_induct) case (step \) moreover assume "M(\)" moreover note \Ord(\)\ M(\) \ M(transrec(\, foo))\ ultimately show "M(transrec(\, foo))" by blast with step \M(\)\ \\x. Ord(x)\ M(x) \ M(transrec(x, foo))\ \strong_replacement(M, \x y. y = \x, transrec(x, foo)\)\ have "M(\x\\. transrec(x, foo))" using Ord_in_Ord transM[of _ \] by (rule_tac lam_closed) auto have "transrec(\, foo) = foo(\, \x\\. transrec(x, foo))" using def_transrec[of "\x. transrec(x, foo)" foo] by blast also from assms and \M(\x\\. transrec(x, foo))\ \M(\)\ have " \ = bar(\, \x\\. transrec(x, foo))" by simp also from step and \M(\)\ have " \ = bar(\, \x\\. transrec(x, bar))" using transM[of _ \] by (auto) also have " \ = transrec(\, bar)" using def_transrec[of "\x. transrec(x, bar)" bar, symmetric] by blast finally show "transrec(\, foo) = transrec(\, bar)" . qed with assms show ?thesis by simp qed lemma ordermap_restr_eq: assumes "well_ord(X,r)" shows "ordermap(X, r) = ordermap(X, r \ X\X)" proof - let ?A="\x . Order.pred(X, x, r)" let ?B="\x . Order.pred(X, x, r \ X \ X)" let ?F="\x f. f `` ?A(x)" let ?G="\x f. f `` ?B(x)" let ?P="\ z. z\X \ wfrec(r \ X \ X,z,\x f. f `` ?A(x)) = wfrec(r \ X \ X,z,\x f. f `` ?B(x))" have pred_eq: "Order.pred(X, x, r \ X \ X) = Order.pred(X, x, r)" if "x\X" for x unfolding Order.pred_def using that by auto from assms have wf_onX:"wf(r \ X \ X)" unfolding well_ord_def wf_on_def by simp { have "?P(z)" for z proof(induct rule:wf_induct[where P="?P",OF wf_onX]) case (1 x) { assume "x\X" from 1 have lam_eq: "(\w\(r \ X \ X) -`` {x}. wfrec(r \ X \ X, w, ?F)) = (\w\(r \ X \ X) -`` {x}. wfrec(r \ X \ X, w, ?G))" (is "?L=?R") proof - have "wfrec(r \ X \ X, w, ?F) = wfrec(r \ X \ X, w, ?G)" if "w\(r\X\X)-``{x}" for w using 1 that by auto then show ?thesis using lam_cong[OF refl] by simp qed then have "wfrec(r \ X \ X, x, ?F) = ?L `` ?A(x)" using wfrec[OF wf_onX,of x ?F] by simp also have "... = ?R `` ?B(x)" using lam_eq pred_eq[OF \x\_\] by simp also have "... = wfrec(r \ X \ X, x, ?G)" using wfrec[OF wf_onX,of x ?G] by simp finally have "wfrec(r \ X \ X, x, ?F) = wfrec(r \ X \ X, x, ?G)" by simp } then show ?case by simp qed } then show ?thesis unfolding ordermap_def wfrec_on_def using Int_ac by simp qed end diff --git a/thys/Transitive_Models/Relativization.thy b/thys/Transitive_Models/Relativization.thy --- a/thys/Transitive_Models/Relativization.thy +++ b/thys/Transitive_Models/Relativization.thy @@ -1,140 +1,131 @@ section\Automatic relativization of terms and formulas\ text\Relativization of terms and formulas. Relativization of formulas shares relativized terms as far as possible; assuming that the witnesses for the relativized terms are always unique.\ theory Relativization imports - "ZF-Constructible.Datatype_absolute" + "Eclose_Absolute" Higher_Order_Constructs keywords "relativize" :: thy_decl % "ML" and "relativize_tm" :: thy_decl % "ML" and "reldb_add" :: thy_decl % "ML" and "reldb_rem" :: thy_decl % "ML" and "relationalize" :: thy_decl % "ML" and "rel_closed" :: thy_goal_stmt % "ML" and "is_iff_rel" :: thy_goal_stmt % "ML" and "univalent" :: thy_goal_stmt % "ML" and "absolute" and "functional" and "relational" and "external" and "for" begin ML_file\Relativization_Database.ml\ ML\ structure Absoluteness = Named_Thms (val name = @{binding "absolut"} val description = "Theorems of absoulte terms and predicates.") \ setup\Absoluteness.setup\ lemmas relative_abs = M_trans.empty_abs M_trans.pair_abs M_trivial.cartprod_abs M_trans.union_abs M_trans.inter_abs M_trans.setdiff_abs M_trans.Union_abs M_trivial.cons_abs (*M_trans.upair_abs*) M_trivial.successor_abs M_trans.Collect_abs M_trans.Replace_abs M_trivial.lambda_abs2 M_trans.image_abs (*M_trans.powerset_abs*) M_trivial.nat_case_abs (* M_trans.transitive_set_abs M_trans.ordinal_abs M_trivial.limit_ordinal_abs M_trivial.successor_ordinal_abs M_trivial.finite_ordinal_abs *) M_trivial.omega_abs M_basic.sum_abs M_trivial.Inl_abs M_trivial.Inr_abs M_basic.converse_abs M_basic.vimage_abs M_trans.domain_abs M_trans.range_abs M_basic.field_abs (* M_basic.apply_abs *) (* M_trivial.typed_function_abs M_basic.injection_abs M_basic.surjection_abs M_basic.bijection_abs *) M_basic.composition_abs M_trans.restriction_abs M_trans.Inter_abs M_trivial.bool_of_o_abs M_trivial.not_abs M_trivial.and_abs M_trivial.or_abs M_trivial.Nil_abs M_trivial.Cons_abs (*M_trivial.quasilist_abs*) M_trivial.list_case_abs M_trivial.hd_abs M_trivial.tl_abs M_trivial.least_abs' M_eclose.transrec_abs M_trans.If_abs M_trans.The_abs M_eclose.recursor_abs M_trancl.trans_wfrec_abs M_trancl.trans_wfrec_on_abs lemmas datatype_abs = - M_datatypes.list_N_abs - M_datatypes.list_abs - M_datatypes.formula_N_abs - M_datatypes.formula_abs M_eclose.is_eclose_n_abs M_eclose.eclose_abs - M_datatypes.length_abs - M_datatypes.nth_abs M_trivial.Member_abs M_trivial.Equal_abs M_trivial.Nand_abs M_trivial.Forall_abs - M_datatypes.depth_abs - M_datatypes.formula_case_abs declare relative_abs[absolut] -declare datatype_abs[absolut] ML_file\Relativization.ml\ setup\Relativization.init_db Relativization.db \ declare relative_abs[Rel] (*TODO: check all the duplicate cases here.*) declare datatype_abs[Rel] ML\ val db = Relativization.get_db @{context} \ end diff --git a/thys/Transitive_Models/Satisfies_absolute.thy b/thys/Transitive_Models/Satisfies_absolute.thy new file mode 100644 --- /dev/null +++ b/thys/Transitive_Models/Satisfies_absolute.thy @@ -0,0 +1,1040 @@ +(* Title: ZF/Constructible/Satisfies_absolute.thy + Author: Lawrence C Paulson, Cambridge University Computer Laboratory +*) + +section \Absoluteness for the Satisfies Relation on Formulas\ + +theory Satisfies_absolute imports Datatype_absolute Rec_Separation begin + + +subsection \More Internalization\ + +subsubsection\The Formula \<^term>\is_depth\, Internalized\ + +(* "is_depth(M,p,n) == + \sn[M]. \formula_n[M]. \formula_sn[M]. + 2 1 0 + is_formula_N(M,n,formula_n) & p \ formula_n & + successor(M,n,sn) & is_formula_N(M,sn,formula_sn) & p \ formula_sn" *) +definition + depth_fm :: "[i,i]=>i" where + "depth_fm(p,n) == + Exists(Exists(Exists( + And(formula_N_fm(n#+3,1), + And(Neg(Member(p#+3,1)), + And(succ_fm(n#+3,2), + And(formula_N_fm(2,0), Member(p#+3,0))))))))" + +lemma depth_fm_type [TC]: + "[| x \ nat; y \ nat |] ==> depth_fm(x,y) \ formula" +by (simp add: depth_fm_def) + +lemma sats_depth_fm [simp]: + "[| x \ nat; y < length(env); env \ list(A)|] + ==> sats(A, depth_fm(x,y), env) \ + is_depth(##A, nth(x,env), nth(y,env))" +apply (frule_tac x=y in lt_length_in_nat, assumption) +apply (simp add: depth_fm_def is_depth_def) +done + +lemma depth_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; + i \ nat; j < length(env); env \ list(A)|] + ==> is_depth(##A, x, y) \ sats(A, depth_fm(i,j), env)" +by (simp) + +theorem depth_reflection: + "REFLECTS[\x. is_depth(L, f(x), g(x)), + \i x. is_depth(##Lset(i), f(x), g(x))]" +apply (simp only: is_depth_def) +apply (intro FOL_reflections function_reflections formula_N_reflection) +done + + + +subsubsection\The Operator \<^term>\is_formula_case\\ + +text\The arguments of \<^term>\is_a\ are always 2, 1, 0, and the formula + will be enclosed by three quantifiers.\ + +(* is_formula_case :: + "[i=>o, [i,i,i]=>o, [i,i,i]=>o, [i,i,i]=>o, [i,i]=>o, i, i] => o" + "is_formula_case(M, is_a, is_b, is_c, is_d, v, z) == + (\x[M]. \y[M]. x\nat \ y\nat \ is_Member(M,x,y,v) \ is_a(x,y,z)) & + (\x[M]. \y[M]. x\nat \ y\nat \ is_Equal(M,x,y,v) \ is_b(x,y,z)) & + (\x[M]. \y[M]. x\formula \ y\formula \ + is_Nand(M,x,y,v) \ is_c(x,y,z)) & + (\x[M]. x\formula \ is_Forall(M,x,v) \ is_d(x,z))" *) + +definition + formula_case_fm :: "[i, i, i, i, i, i]=>i" where + "formula_case_fm(is_a, is_b, is_c, is_d, v, z) == + And(Forall(Forall(Implies(finite_ordinal_fm(1), + Implies(finite_ordinal_fm(0), + Implies(Member_fm(1,0,v#+2), + Forall(Implies(Equal(0,z#+3), is_a))))))), + And(Forall(Forall(Implies(finite_ordinal_fm(1), + Implies(finite_ordinal_fm(0), + Implies(Equal_fm(1,0,v#+2), + Forall(Implies(Equal(0,z#+3), is_b))))))), + And(Forall(Forall(Implies(mem_formula_fm(1), + Implies(mem_formula_fm(0), + Implies(Nand_fm(1,0,v#+2), + Forall(Implies(Equal(0,z#+3), is_c))))))), + Forall(Implies(mem_formula_fm(0), + Implies(Forall_fm(0,succ(v)), + Forall(Implies(Equal(0,z#+2), is_d))))))))" + + +lemma is_formula_case_type [TC]: + "[| is_a \ formula; is_b \ formula; is_c \ formula; is_d \ formula; + x \ nat; y \ nat |] + ==> formula_case_fm(is_a, is_b, is_c, is_d, x, y) \ formula" +by (simp add: formula_case_fm_def) + +lemma sats_formula_case_fm: + assumes is_a_iff_sats: + "!!a0 a1 a2. + [|a0\A; a1\A; a2\A|] + ==> ISA(a2, a1, a0) \ sats(A, is_a, Cons(a0,Cons(a1,Cons(a2,env))))" + and is_b_iff_sats: + "!!a0 a1 a2. + [|a0\A; a1\A; a2\A|] + ==> ISB(a2, a1, a0) \ sats(A, is_b, Cons(a0,Cons(a1,Cons(a2,env))))" + and is_c_iff_sats: + "!!a0 a1 a2. + [|a0\A; a1\A; a2\A|] + ==> ISC(a2, a1, a0) \ sats(A, is_c, Cons(a0,Cons(a1,Cons(a2,env))))" + and is_d_iff_sats: + "!!a0 a1. + [|a0\A; a1\A|] + ==> ISD(a1, a0) \ sats(A, is_d, Cons(a0,Cons(a1,env)))" + shows + "[|x \ nat; y < length(env); env \ list(A)|] + ==> sats(A, formula_case_fm(is_a,is_b,is_c,is_d,x,y), env) \ + is_formula_case(##A, ISA, ISB, ISC, ISD, nth(x,env), nth(y,env))" +apply (frule_tac x=y in lt_length_in_nat, assumption) +apply (simp add: formula_case_fm_def is_formula_case_def + is_a_iff_sats [THEN iff_sym] is_b_iff_sats [THEN iff_sym] + is_c_iff_sats [THEN iff_sym] is_d_iff_sats [THEN iff_sym]) +done + +lemma formula_case_iff_sats: + assumes is_a_iff_sats: + "!!a0 a1 a2. + [|a0\A; a1\A; a2\A|] + ==> ISA(a2, a1, a0) \ sats(A, is_a, Cons(a0,Cons(a1,Cons(a2,env))))" + and is_b_iff_sats: + "!!a0 a1 a2. + [|a0\A; a1\A; a2\A|] + ==> ISB(a2, a1, a0) \ sats(A, is_b, Cons(a0,Cons(a1,Cons(a2,env))))" + and is_c_iff_sats: + "!!a0 a1 a2. + [|a0\A; a1\A; a2\A|] + ==> ISC(a2, a1, a0) \ sats(A, is_c, Cons(a0,Cons(a1,Cons(a2,env))))" + and is_d_iff_sats: + "!!a0 a1. + [|a0\A; a1\A|] + ==> ISD(a1, a0) \ sats(A, is_d, Cons(a0,Cons(a1,env)))" + shows + "[|nth(i,env) = x; nth(j,env) = y; + i \ nat; j < length(env); env \ list(A)|] + ==> is_formula_case(##A, ISA, ISB, ISC, ISD, x, y) \ + sats(A, formula_case_fm(is_a,is_b,is_c,is_d,i,j), env)" +by (simp add: sats_formula_case_fm [OF is_a_iff_sats is_b_iff_sats + is_c_iff_sats is_d_iff_sats]) + + +text\The second argument of \<^term>\is_a\ gives it direct access to \<^term>\x\, + which is essential for handling free variable references. Treatment is + based on that of \is_nat_case_reflection\.\ +theorem is_formula_case_reflection: + assumes is_a_reflection: + "!!h f g g'. REFLECTS[\x. is_a(L, h(x), f(x), g(x), g'(x)), + \i x. is_a(##Lset(i), h(x), f(x), g(x), g'(x))]" + and is_b_reflection: + "!!h f g g'. REFLECTS[\x. is_b(L, h(x), f(x), g(x), g'(x)), + \i x. is_b(##Lset(i), h(x), f(x), g(x), g'(x))]" + and is_c_reflection: + "!!h f g g'. REFLECTS[\x. is_c(L, h(x), f(x), g(x), g'(x)), + \i x. is_c(##Lset(i), h(x), f(x), g(x), g'(x))]" + and is_d_reflection: + "!!h f g g'. REFLECTS[\x. is_d(L, h(x), f(x), g(x)), + \i x. is_d(##Lset(i), h(x), f(x), g(x))]" + shows "REFLECTS[\x. is_formula_case(L, is_a(L,x), is_b(L,x), is_c(L,x), is_d(L,x), g(x), h(x)), + \i x. is_formula_case(##Lset(i), is_a(##Lset(i), x), is_b(##Lset(i), x), is_c(##Lset(i), x), is_d(##Lset(i), x), g(x), h(x))]" +apply (simp (no_asm_use) only: is_formula_case_def) +apply (intro FOL_reflections function_reflections finite_ordinal_reflection + mem_formula_reflection + Member_reflection Equal_reflection Nand_reflection Forall_reflection + is_a_reflection is_b_reflection is_c_reflection is_d_reflection) +done + + + +subsection \Absoluteness for the Function \<^term>\satisfies\\ + +definition + is_depth_apply :: "[i=>o,i,i,i] => o" where + \ \Merely a useful abbreviation for the sequel.\ + "is_depth_apply(M,h,p,z) == + \dp[M]. \sdp[M]. \hsdp[M]. + finite_ordinal(M,dp) & is_depth(M,p,dp) & successor(M,dp,sdp) & + fun_apply(M,h,sdp,hsdp) & fun_apply(M,hsdp,p,z)" + +lemma (in M_datatypes) is_depth_apply_abs [simp]: + "[|M(h); p \ formula; M(z)|] + ==> is_depth_apply(M,h,p,z) \ z = h ` succ(depth(p)) ` p" +by (simp add: is_depth_apply_def formula_into_M depth_type eq_commute) + + + +text\There is at present some redundancy between the relativizations in + e.g. \satisfies_is_a\ and those in e.g. \Member_replacement\.\ + +text\These constants let us instantiate the parameters \<^term>\a\, \<^term>\b\, + \<^term>\c\, \<^term>\d\, etc., of the locale \Formula_Rec\.\ +definition + satisfies_a :: "[i,i,i]=>i" where + "satisfies_a(A) == + \x y. \env \ list(A). bool_of_o (nth(x,env) \ nth(y,env))" + +definition + satisfies_is_a :: "[i=>o,i,i,i,i]=>o" where + "satisfies_is_a(M,A) == + \x y zz. \lA[M]. is_list(M,A,lA) \ + is_lambda(M, lA, + \env z. is_bool_of_o(M, + \nx[M]. \ny[M]. + is_nth(M,x,env,nx) & is_nth(M,y,env,ny) & nx \ ny, z), + zz)" + +definition + satisfies_b :: "[i,i,i]=>i" where + "satisfies_b(A) == + \x y. \env \ list(A). bool_of_o (nth(x,env) = nth(y,env))" + +definition + satisfies_is_b :: "[i=>o,i,i,i,i]=>o" where + \ \We simplify the formula to have just \<^term>\nx\ rather than + introducing \<^term>\ny\ with \<^term>\nx=ny\\ + "satisfies_is_b(M,A) == + \x y zz. \lA[M]. is_list(M,A,lA) \ + is_lambda(M, lA, + \env z. is_bool_of_o(M, + \nx[M]. is_nth(M,x,env,nx) & is_nth(M,y,env,nx), z), + zz)" + +definition + satisfies_c :: "[i,i,i,i,i]=>i" where + "satisfies_c(A) == \p q rp rq. \env \ list(A). not(rp ` env and rq ` env)" + +definition + satisfies_is_c :: "[i=>o,i,i,i,i,i]=>o" where + "satisfies_is_c(M,A,h) == + \p q zz. \lA[M]. is_list(M,A,lA) \ + is_lambda(M, lA, \env z. \hp[M]. \hq[M]. + (\rp[M]. is_depth_apply(M,h,p,rp) & fun_apply(M,rp,env,hp)) & + (\rq[M]. is_depth_apply(M,h,q,rq) & fun_apply(M,rq,env,hq)) & + (\pq[M]. is_and(M,hp,hq,pq) & is_not(M,pq,z)), + zz)" + +definition + satisfies_d :: "[i,i,i]=>i" where + "satisfies_d(A) + == \p rp. \env \ list(A). bool_of_o (\x\A. rp ` (Cons(x,env)) = 1)" + +definition + satisfies_is_d :: "[i=>o,i,i,i,i]=>o" where + "satisfies_is_d(M,A,h) == + \p zz. \lA[M]. is_list(M,A,lA) \ + is_lambda(M, lA, + \env z. \rp[M]. is_depth_apply(M,h,p,rp) & + is_bool_of_o(M, + \x[M]. \xenv[M]. \hp[M]. + x\A \ is_Cons(M,x,env,xenv) \ + fun_apply(M,rp,xenv,hp) \ number1(M,hp), + z), + zz)" + +definition + satisfies_MH :: "[i=>o,i,i,i,i]=>o" where + \ \The variable \<^term>\u\ is unused, but gives \<^term>\satisfies_MH\ + the correct arity.\ + "satisfies_MH == + \M A u f z. + \fml[M]. is_formula(M,fml) \ + is_lambda (M, fml, + is_formula_case (M, satisfies_is_a(M,A), + satisfies_is_b(M,A), + satisfies_is_c(M,A,f), satisfies_is_d(M,A,f)), + z)" + +definition + is_satisfies :: "[i=>o,i,i,i]=>o" where + "is_satisfies(M,A) == is_formula_rec (M, satisfies_MH(M,A))" + + +text\This lemma relates the fragments defined above to the original primitive + recursion in \<^term>\satisfies\. + Induction is not required: the definitions are directly equal!\ +lemma satisfies_eq: + "satisfies(A,p) = + formula_rec (satisfies_a(A), satisfies_b(A), + satisfies_c(A), satisfies_d(A), p)" +by (simp add: satisfies_formula_def satisfies_a_def satisfies_b_def + satisfies_c_def satisfies_d_def) + +text\Further constraints on the class \<^term>\M\ in order to prove + absoluteness for the constants defined above. The ultimate goal + is the absoluteness of the function \<^term>\satisfies\.\ +locale M_satisfies = M_eclose + M_datatypes + + assumes + Member_replacement: + "[|M(A); x \ nat; y \ nat|] + ==> strong_replacement + (M, \env z. \bo[M]. \nx[M]. \ny[M]. + env \ list(A) & is_nth(M,x,env,nx) & is_nth(M,y,env,ny) & + is_bool_of_o(M, nx \ ny, bo) & + pair(M, env, bo, z))" + and + Equal_replacement: + "[|M(A); x \ nat; y \ nat|] + ==> strong_replacement + (M, \env z. \bo[M]. \nx[M]. \ny[M]. + env \ list(A) & is_nth(M,x,env,nx) & is_nth(M,y,env,ny) & + is_bool_of_o(M, nx = ny, bo) & + pair(M, env, bo, z))" + and + Nand_replacement: + "[|M(A); M(rp); M(rq)|] + ==> strong_replacement + (M, \env z. \rpe[M]. \rqe[M]. \andpq[M]. \notpq[M]. + fun_apply(M,rp,env,rpe) & fun_apply(M,rq,env,rqe) & + is_and(M,rpe,rqe,andpq) & is_not(M,andpq,notpq) & + env \ list(A) & pair(M, env, notpq, z))" + and + Forall_replacement: + "[|M(A); M(rp)|] + ==> strong_replacement + (M, \env z. \bo[M]. + env \ list(A) & + is_bool_of_o (M, + \a[M]. \co[M]. \rpco[M]. + a\A \ is_Cons(M,a,env,co) \ + fun_apply(M,rp,co,rpco) \ number1(M, rpco), + bo) & + pair(M,env,bo,z))" + and + formula_rec_replacement: + \ \For the \<^term>\transrec\\ + "[|n \ nat; M(A)|] ==> transrec_replacement(M, satisfies_MH(M,A), n)" + and + formula_rec_lambda_replacement: + \ \For the \\-abstraction\ in the \<^term>\transrec\ body\ + "[|M(g); M(A)|] ==> + strong_replacement (M, + \x y. mem_formula(M,x) & + (\c[M]. is_formula_case(M, satisfies_is_a(M,A), + satisfies_is_b(M,A), + satisfies_is_c(M,A,g), + satisfies_is_d(M,A,g), x, c) & + pair(M, x, c, y)))" + + +lemma (in M_satisfies) Member_replacement': + "[|M(A); x \ nat; y \ nat|] + ==> strong_replacement + (M, \env z. env \ list(A) & + z = \env, bool_of_o(nth(x, env) \ nth(y, env))\)" +by (insert Member_replacement, simp) + +lemma (in M_satisfies) Equal_replacement': + "[|M(A); x \ nat; y \ nat|] + ==> strong_replacement + (M, \env z. env \ list(A) & + z = \env, bool_of_o(nth(x, env) = nth(y, env))\)" +by (insert Equal_replacement, simp) + +lemma (in M_satisfies) Nand_replacement': + "[|M(A); M(rp); M(rq)|] + ==> strong_replacement + (M, \env z. env \ list(A) & z = \env, not(rp`env and rq`env)\)" +by (insert Nand_replacement, simp) + +lemma (in M_satisfies) Forall_replacement': + "[|M(A); M(rp)|] + ==> strong_replacement + (M, \env z. + env \ list(A) & + z = \env, bool_of_o (\a\A. rp ` Cons(a,env) = 1)\)" +by (insert Forall_replacement, simp) + +lemma (in M_satisfies) a_closed: + "[|M(A); x\nat; y\nat|] ==> M(satisfies_a(A,x,y))" +apply (simp add: satisfies_a_def) +apply (blast intro: lam_closed2 Member_replacement') +done + +lemma (in M_satisfies) a_rel: + "M(A) ==> Relation2(M, nat, nat, satisfies_is_a(M,A), satisfies_a(A))" +apply (simp add: Relation2_def satisfies_is_a_def satisfies_a_def) +apply (auto del: iffI intro!: lambda_abs2 simp add: Relation1_def) +done + +lemma (in M_satisfies) b_closed: + "[|M(A); x\nat; y\nat|] ==> M(satisfies_b(A,x,y))" +apply (simp add: satisfies_b_def) +apply (blast intro: lam_closed2 Equal_replacement') +done + +lemma (in M_satisfies) b_rel: + "M(A) ==> Relation2(M, nat, nat, satisfies_is_b(M,A), satisfies_b(A))" +apply (simp add: Relation2_def satisfies_is_b_def satisfies_b_def) +apply (auto del: iffI intro!: lambda_abs2 simp add: Relation1_def) +done + +lemma (in M_satisfies) c_closed: + "[|M(A); x \ formula; y \ formula; M(rx); M(ry)|] + ==> M(satisfies_c(A,x,y,rx,ry))" +apply (simp add: satisfies_c_def) +apply (rule lam_closed2) +apply (rule Nand_replacement') +apply (simp_all add: formula_into_M list_into_M [of _ A]) +done + +lemma (in M_satisfies) c_rel: + "[|M(A); M(f)|] ==> + Relation2 (M, formula, formula, + satisfies_is_c(M,A,f), + \u v. satisfies_c(A, u, v, f ` succ(depth(u)) ` u, + f ` succ(depth(v)) ` v))" +apply (simp add: Relation2_def satisfies_is_c_def satisfies_c_def) +apply (auto del: iffI intro!: lambda_abs2 + simp add: Relation1_def formula_into_M) +done + +lemma (in M_satisfies) d_closed: + "[|M(A); x \ formula; M(rx)|] ==> M(satisfies_d(A,x,rx))" +apply (simp add: satisfies_d_def) +apply (rule lam_closed2) +apply (rule Forall_replacement') +apply (simp_all add: formula_into_M list_into_M [of _ A]) +done + +lemma (in M_satisfies) d_rel: + "[|M(A); M(f)|] ==> + Relation1(M, formula, satisfies_is_d(M,A,f), + \u. satisfies_d(A, u, f ` succ(depth(u)) ` u))" +apply (simp del: rall_abs + add: Relation1_def satisfies_is_d_def satisfies_d_def) +apply (auto del: iffI intro!: lambda_abs2 simp add: Relation1_def) +done + + +lemma (in M_satisfies) fr_replace: + "[|n \ nat; M(A)|] ==> transrec_replacement(M,satisfies_MH(M,A),n)" +by (blast intro: formula_rec_replacement) + +lemma (in M_satisfies) formula_case_satisfies_closed: + "[|M(g); M(A); x \ formula|] ==> + M(formula_case (satisfies_a(A), satisfies_b(A), + \u v. satisfies_c(A, u, v, + g ` succ(depth(u)) ` u, g ` succ(depth(v)) ` v), + \u. satisfies_d (A, u, g ` succ(depth(u)) ` u), + x))" +by (blast intro: a_closed b_closed c_closed d_closed) + +lemma (in M_satisfies) fr_lam_replace: + "[|M(g); M(A)|] ==> + strong_replacement (M, \x y. x \ formula & + y = \x, + formula_rec_case(satisfies_a(A), + satisfies_b(A), + satisfies_c(A), + satisfies_d(A), g, x)\)" +apply (insert formula_rec_lambda_replacement) +apply (simp add: formula_rec_case_def formula_case_satisfies_closed + formula_case_abs [OF a_rel b_rel c_rel d_rel]) +done + + + +text\Instantiate locale \Formula_Rec\ for the + Function \<^term>\satisfies\\ + +lemma (in M_satisfies) Formula_Rec_axioms_M: + "M(A) ==> + Formula_Rec_axioms(M, satisfies_a(A), satisfies_is_a(M,A), + satisfies_b(A), satisfies_is_b(M,A), + satisfies_c(A), satisfies_is_c(M,A), + satisfies_d(A), satisfies_is_d(M,A))" +apply (rule Formula_Rec_axioms.intro) +apply (assumption | + rule a_closed a_rel b_closed b_rel c_closed c_rel d_closed d_rel + fr_replace [unfolded satisfies_MH_def] + fr_lam_replace) + +done + + +theorem (in M_satisfies) Formula_Rec_M: + "M(A) ==> + Formula_Rec(M, satisfies_a(A), satisfies_is_a(M,A), + satisfies_b(A), satisfies_is_b(M,A), + satisfies_c(A), satisfies_is_c(M,A), + satisfies_d(A), satisfies_is_d(M,A))" + apply (rule Formula_Rec.intro) + apply (rule M_satisfies.axioms, rule M_satisfies_axioms, rule M_datatypes_axioms) + apply (erule Formula_Rec_axioms_M) + done + +lemmas (in M_satisfies) + satisfies_closed' = Formula_Rec.formula_rec_closed [OF Formula_Rec_M] +and satisfies_abs' = Formula_Rec.formula_rec_abs [OF Formula_Rec_M] + + +lemma (in M_satisfies) satisfies_closed: + "[|M(A); p \ formula|] ==> M(satisfies(A,p))" +by (simp add: Formula_Rec.formula_rec_closed [OF Formula_Rec_M] + satisfies_eq) + +lemma (in M_satisfies) satisfies_abs: + "[|M(A); M(z); p \ formula|] + ==> is_satisfies(M,A,p,z) \ z = satisfies(A,p)" +by (simp only: Formula_Rec.formula_rec_abs [OF Formula_Rec_M] + satisfies_eq is_satisfies_def satisfies_MH_def) + + +subsection\Internalizations Needed to Instantiate \M_satisfies\\ + +subsubsection\The Operator \<^term>\is_depth_apply\, Internalized\ + +(* is_depth_apply(M,h,p,z) == + \dp[M]. \sdp[M]. \hsdp[M]. + 2 1 0 + finite_ordinal(M,dp) & is_depth(M,p,dp) & successor(M,dp,sdp) & + fun_apply(M,h,sdp,hsdp) & fun_apply(M,hsdp,p,z) *) +definition + depth_apply_fm :: "[i,i,i]=>i" where + "depth_apply_fm(h,p,z) == + Exists(Exists(Exists( + And(finite_ordinal_fm(2), + And(depth_fm(p#+3,2), + And(succ_fm(2,1), + And(fun_apply_fm(h#+3,1,0), fun_apply_fm(0,p#+3,z#+3))))))))" + +lemma depth_apply_type [TC]: + "[| x \ nat; y \ nat; z \ nat |] ==> depth_apply_fm(x,y,z) \ formula" +by (simp add: depth_apply_fm_def) + +lemma sats_depth_apply_fm [simp]: + "[| x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, depth_apply_fm(x,y,z), env) \ + is_depth_apply(##A, nth(x,env), nth(y,env), nth(z,env))" +by (simp add: depth_apply_fm_def is_depth_apply_def) + +lemma depth_apply_iff_sats: + "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z; + i \ nat; j \ nat; k \ nat; env \ list(A)|] + ==> is_depth_apply(##A, x, y, z) \ sats(A, depth_apply_fm(i,j,k), env)" +by simp + +lemma depth_apply_reflection: + "REFLECTS[\x. is_depth_apply(L,f(x),g(x),h(x)), + \i x. is_depth_apply(##Lset(i),f(x),g(x),h(x))]" +apply (simp only: is_depth_apply_def) +apply (intro FOL_reflections function_reflections depth_reflection + finite_ordinal_reflection) +done + + +subsubsection\The Operator \<^term>\satisfies_is_a\, Internalized\ + +(* satisfies_is_a(M,A) == + \x y zz. \lA[M]. is_list(M,A,lA) \ + is_lambda(M, lA, + \env z. is_bool_of_o(M, + \nx[M]. \ny[M]. + is_nth(M,x,env,nx) & is_nth(M,y,env,ny) & nx \ ny, z), + zz) *) + +definition + satisfies_is_a_fm :: "[i,i,i,i]=>i" where + "satisfies_is_a_fm(A,x,y,z) == + Forall( + Implies(is_list_fm(succ(A),0), + lambda_fm( + bool_of_o_fm(Exists( + Exists(And(nth_fm(x#+6,3,1), + And(nth_fm(y#+6,3,0), + Member(1,0))))), 0), + 0, succ(z))))" + +lemma satisfies_is_a_type [TC]: + "[| A \ nat; x \ nat; y \ nat; z \ nat |] + ==> satisfies_is_a_fm(A,x,y,z) \ formula" +by (simp add: satisfies_is_a_fm_def) + +lemma sats_satisfies_is_a_fm [simp]: + "[| u \ nat; x < length(env); y < length(env); z \ nat; env \ list(A)|] + ==> sats(A, satisfies_is_a_fm(u,x,y,z), env) \ + satisfies_is_a(##A, nth(u,env), nth(x,env), nth(y,env), nth(z,env))" +apply (frule_tac x=x in lt_length_in_nat, assumption) +apply (frule_tac x=y in lt_length_in_nat, assumption) +apply (simp add: satisfies_is_a_fm_def satisfies_is_a_def sats_lambda_fm + sats_bool_of_o_fm) +done + +lemma satisfies_is_a_iff_sats: + "[| nth(u,env) = nu; nth(x,env) = nx; nth(y,env) = ny; nth(z,env) = nz; + u \ nat; x < length(env); y < length(env); z \ nat; env \ list(A)|] + ==> satisfies_is_a(##A,nu,nx,ny,nz) \ + sats(A, satisfies_is_a_fm(u,x,y,z), env)" +by simp + +theorem satisfies_is_a_reflection: + "REFLECTS[\x. satisfies_is_a(L,f(x),g(x),h(x),g'(x)), + \i x. satisfies_is_a(##Lset(i),f(x),g(x),h(x),g'(x))]" +apply (unfold satisfies_is_a_def) +apply (intro FOL_reflections is_lambda_reflection bool_of_o_reflection + nth_reflection is_list_reflection) +done + + +subsubsection\The Operator \<^term>\satisfies_is_b\, Internalized\ + +(* satisfies_is_b(M,A) == + \x y zz. \lA[M]. is_list(M,A,lA) \ + is_lambda(M, lA, + \env z. is_bool_of_o(M, + \nx[M]. is_nth(M,x,env,nx) & is_nth(M,y,env,nx), z), + zz) *) + +definition + satisfies_is_b_fm :: "[i,i,i,i]=>i" where + "satisfies_is_b_fm(A,x,y,z) == + Forall( + Implies(is_list_fm(succ(A),0), + lambda_fm( + bool_of_o_fm(Exists(And(nth_fm(x#+5,2,0), nth_fm(y#+5,2,0))), 0), + 0, succ(z))))" + +lemma satisfies_is_b_type [TC]: + "[| A \ nat; x \ nat; y \ nat; z \ nat |] + ==> satisfies_is_b_fm(A,x,y,z) \ formula" +by (simp add: satisfies_is_b_fm_def) + +lemma sats_satisfies_is_b_fm [simp]: + "[| u \ nat; x < length(env); y < length(env); z \ nat; env \ list(A)|] + ==> sats(A, satisfies_is_b_fm(u,x,y,z), env) \ + satisfies_is_b(##A, nth(u,env), nth(x,env), nth(y,env), nth(z,env))" +apply (frule_tac x=x in lt_length_in_nat, assumption) +apply (frule_tac x=y in lt_length_in_nat, assumption) +apply (simp add: satisfies_is_b_fm_def satisfies_is_b_def sats_lambda_fm + sats_bool_of_o_fm) +done + +lemma satisfies_is_b_iff_sats: + "[| nth(u,env) = nu; nth(x,env) = nx; nth(y,env) = ny; nth(z,env) = nz; + u \ nat; x < length(env); y < length(env); z \ nat; env \ list(A)|] + ==> satisfies_is_b(##A,nu,nx,ny,nz) \ + sats(A, satisfies_is_b_fm(u,x,y,z), env)" +by simp + +theorem satisfies_is_b_reflection: + "REFLECTS[\x. satisfies_is_b(L,f(x),g(x),h(x),g'(x)), + \i x. satisfies_is_b(##Lset(i),f(x),g(x),h(x),g'(x))]" +apply (unfold satisfies_is_b_def) +apply (intro FOL_reflections is_lambda_reflection bool_of_o_reflection + nth_reflection is_list_reflection) +done + + +subsubsection\The Operator \<^term>\satisfies_is_c\, Internalized\ + +(* satisfies_is_c(M,A,h) == + \p q zz. \lA[M]. is_list(M,A,lA) \ + is_lambda(M, lA, \env z. \hp[M]. \hq[M]. + (\rp[M]. is_depth_apply(M,h,p,rp) & fun_apply(M,rp,env,hp)) & + (\rq[M]. is_depth_apply(M,h,q,rq) & fun_apply(M,rq,env,hq)) & + (\pq[M]. is_and(M,hp,hq,pq) & is_not(M,pq,z)), + zz) *) + +definition + satisfies_is_c_fm :: "[i,i,i,i,i]=>i" where + "satisfies_is_c_fm(A,h,p,q,zz) == + Forall( + Implies(is_list_fm(succ(A),0), + lambda_fm( + Exists(Exists( + And(Exists(And(depth_apply_fm(h#+7,p#+7,0), fun_apply_fm(0,4,2))), + And(Exists(And(depth_apply_fm(h#+7,q#+7,0), fun_apply_fm(0,4,1))), + Exists(And(and_fm(2,1,0), not_fm(0,3))))))), + 0, succ(zz))))" + +lemma satisfies_is_c_type [TC]: + "[| A \ nat; h \ nat; x \ nat; y \ nat; z \ nat |] + ==> satisfies_is_c_fm(A,h,x,y,z) \ formula" +by (simp add: satisfies_is_c_fm_def) + +lemma sats_satisfies_is_c_fm [simp]: + "[| u \ nat; v \ nat; x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, satisfies_is_c_fm(u,v,x,y,z), env) \ + satisfies_is_c(##A, nth(u,env), nth(v,env), nth(x,env), + nth(y,env), nth(z,env))" +by (simp add: satisfies_is_c_fm_def satisfies_is_c_def sats_lambda_fm) + +lemma satisfies_is_c_iff_sats: + "[| nth(u,env) = nu; nth(v,env) = nv; nth(x,env) = nx; nth(y,env) = ny; + nth(z,env) = nz; + u \ nat; v \ nat; x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> satisfies_is_c(##A,nu,nv,nx,ny,nz) \ + sats(A, satisfies_is_c_fm(u,v,x,y,z), env)" +by simp + +theorem satisfies_is_c_reflection: + "REFLECTS[\x. satisfies_is_c(L,f(x),g(x),h(x),g'(x),h'(x)), + \i x. satisfies_is_c(##Lset(i),f(x),g(x),h(x),g'(x),h'(x))]" +apply (unfold satisfies_is_c_def) +apply (intro FOL_reflections function_reflections is_lambda_reflection + extra_reflections nth_reflection depth_apply_reflection + is_list_reflection) +done + +subsubsection\The Operator \<^term>\satisfies_is_d\, Internalized\ + +(* satisfies_is_d(M,A,h) == + \p zz. \lA[M]. is_list(M,A,lA) \ + is_lambda(M, lA, + \env z. \rp[M]. is_depth_apply(M,h,p,rp) & + is_bool_of_o(M, + \x[M]. \xenv[M]. \hp[M]. + x\A \ is_Cons(M,x,env,xenv) \ + fun_apply(M,rp,xenv,hp) \ number1(M,hp), + z), + zz) *) + +definition + satisfies_is_d_fm :: "[i,i,i,i]=>i" where + "satisfies_is_d_fm(A,h,p,zz) == + Forall( + Implies(is_list_fm(succ(A),0), + lambda_fm( + Exists( + And(depth_apply_fm(h#+5,p#+5,0), + bool_of_o_fm( + Forall(Forall(Forall( + Implies(Member(2,A#+8), + Implies(Cons_fm(2,5,1), + Implies(fun_apply_fm(3,1,0), number1_fm(0))))))), 1))), + 0, succ(zz))))" + +lemma satisfies_is_d_type [TC]: + "[| A \ nat; h \ nat; x \ nat; z \ nat |] + ==> satisfies_is_d_fm(A,h,x,z) \ formula" +by (simp add: satisfies_is_d_fm_def) + +lemma sats_satisfies_is_d_fm [simp]: + "[| u \ nat; x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, satisfies_is_d_fm(u,x,y,z), env) \ + satisfies_is_d(##A, nth(u,env), nth(x,env), nth(y,env), nth(z,env))" +by (simp add: satisfies_is_d_fm_def satisfies_is_d_def sats_lambda_fm + sats_bool_of_o_fm) + +lemma satisfies_is_d_iff_sats: + "[| nth(u,env) = nu; nth(x,env) = nx; nth(y,env) = ny; nth(z,env) = nz; + u \ nat; x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> satisfies_is_d(##A,nu,nx,ny,nz) \ + sats(A, satisfies_is_d_fm(u,x,y,z), env)" +by simp + +theorem satisfies_is_d_reflection: + "REFLECTS[\x. satisfies_is_d(L,f(x),g(x),h(x),g'(x)), + \i x. satisfies_is_d(##Lset(i),f(x),g(x),h(x),g'(x))]" +apply (unfold satisfies_is_d_def) +apply (intro FOL_reflections function_reflections is_lambda_reflection + extra_reflections nth_reflection depth_apply_reflection + is_list_reflection) +done + + +subsubsection\The Operator \<^term>\satisfies_MH\, Internalized\ + +(* satisfies_MH == + \M A u f zz. + \fml[M]. is_formula(M,fml) \ + is_lambda (M, fml, + is_formula_case (M, satisfies_is_a(M,A), + satisfies_is_b(M,A), + satisfies_is_c(M,A,f), satisfies_is_d(M,A,f)), + zz) *) + +definition + satisfies_MH_fm :: "[i,i,i,i]=>i" where + "satisfies_MH_fm(A,u,f,zz) == + Forall( + Implies(is_formula_fm(0), + lambda_fm( + formula_case_fm(satisfies_is_a_fm(A#+7,2,1,0), + satisfies_is_b_fm(A#+7,2,1,0), + satisfies_is_c_fm(A#+7,f#+7,2,1,0), + satisfies_is_d_fm(A#+6,f#+6,1,0), + 1, 0), + 0, succ(zz))))" + +lemma satisfies_MH_type [TC]: + "[| A \ nat; u \ nat; x \ nat; z \ nat |] + ==> satisfies_MH_fm(A,u,x,z) \ formula" +by (simp add: satisfies_MH_fm_def) + +lemma sats_satisfies_MH_fm [simp]: + "[| u \ nat; x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> sats(A, satisfies_MH_fm(u,x,y,z), env) \ + satisfies_MH(##A, nth(u,env), nth(x,env), nth(y,env), nth(z,env))" +by (simp add: satisfies_MH_fm_def satisfies_MH_def sats_lambda_fm + sats_formula_case_fm) + +lemma satisfies_MH_iff_sats: + "[| nth(u,env) = nu; nth(x,env) = nx; nth(y,env) = ny; nth(z,env) = nz; + u \ nat; x \ nat; y \ nat; z \ nat; env \ list(A)|] + ==> satisfies_MH(##A,nu,nx,ny,nz) \ + sats(A, satisfies_MH_fm(u,x,y,z), env)" +by simp + +lemmas satisfies_reflections = + is_lambda_reflection is_formula_reflection + is_formula_case_reflection + satisfies_is_a_reflection satisfies_is_b_reflection + satisfies_is_c_reflection satisfies_is_d_reflection + +theorem satisfies_MH_reflection: + "REFLECTS[\x. satisfies_MH(L,f(x),g(x),h(x),g'(x)), + \i x. satisfies_MH(##Lset(i),f(x),g(x),h(x),g'(x))]" +apply (unfold satisfies_MH_def) +apply (intro FOL_reflections satisfies_reflections) +done + + +subsection\Lemmas for Instantiating the Locale \M_satisfies\\ + + +subsubsection\The \<^term>\Member\ Case\ + +lemma Member_Reflects: + "REFLECTS[\u. \v[L]. v \ B \ (\bo[L]. \nx[L]. \ny[L]. + v \ lstA \ is_nth(L,x,v,nx) \ is_nth(L,y,v,ny) \ + is_bool_of_o(L, nx \ ny, bo) \ pair(L,v,bo,u)), + \i u. \v \ Lset(i). v \ B \ (\bo \ Lset(i). \nx \ Lset(i). \ny \ Lset(i). + v \ lstA \ is_nth(##Lset(i), x, v, nx) \ + is_nth(##Lset(i), y, v, ny) \ + is_bool_of_o(##Lset(i), nx \ ny, bo) \ pair(##Lset(i), v, bo, u))]" +by (intro FOL_reflections function_reflections nth_reflection + bool_of_o_reflection) + + +lemma Member_replacement: + "[|L(A); x \ nat; y \ nat|] + ==> strong_replacement + (L, \env z. \bo[L]. \nx[L]. \ny[L]. + env \ list(A) & is_nth(L,x,env,nx) & is_nth(L,y,env,ny) & + is_bool_of_o(L, nx \ ny, bo) & + pair(L, env, bo, z))" +apply (rule strong_replacementI) +apply (rule_tac u="{list(A),B,x,y}" + in gen_separation_multi [OF Member_Reflects], + auto) +apply (rule_tac env="[list(A),B,x,y]" in DPow_LsetI) +apply (rule sep_rules nth_iff_sats is_bool_of_o_iff_sats | simp)+ +done + + +subsubsection\The \<^term>\Equal\ Case\ + +lemma Equal_Reflects: + "REFLECTS[\u. \v[L]. v \ B \ (\bo[L]. \nx[L]. \ny[L]. + v \ lstA \ is_nth(L, x, v, nx) \ is_nth(L, y, v, ny) \ + is_bool_of_o(L, nx = ny, bo) \ pair(L, v, bo, u)), + \i u. \v \ Lset(i). v \ B \ (\bo \ Lset(i). \nx \ Lset(i). \ny \ Lset(i). + v \ lstA \ is_nth(##Lset(i), x, v, nx) \ + is_nth(##Lset(i), y, v, ny) \ + is_bool_of_o(##Lset(i), nx = ny, bo) \ pair(##Lset(i), v, bo, u))]" +by (intro FOL_reflections function_reflections nth_reflection + bool_of_o_reflection) + + +lemma Equal_replacement: + "[|L(A); x \ nat; y \ nat|] + ==> strong_replacement + (L, \env z. \bo[L]. \nx[L]. \ny[L]. + env \ list(A) & is_nth(L,x,env,nx) & is_nth(L,y,env,ny) & + is_bool_of_o(L, nx = ny, bo) & + pair(L, env, bo, z))" +apply (rule strong_replacementI) +apply (rule_tac u="{list(A),B,x,y}" + in gen_separation_multi [OF Equal_Reflects], + auto) +apply (rule_tac env="[list(A),B,x,y]" in DPow_LsetI) +apply (rule sep_rules nth_iff_sats is_bool_of_o_iff_sats | simp)+ +done + +subsubsection\The \<^term>\Nand\ Case\ + +lemma Nand_Reflects: + "REFLECTS [\x. \u[L]. u \ B \ + (\rpe[L]. \rqe[L]. \andpq[L]. \notpq[L]. + fun_apply(L, rp, u, rpe) \ fun_apply(L, rq, u, rqe) \ + is_and(L, rpe, rqe, andpq) \ is_not(L, andpq, notpq) \ + u \ list(A) \ pair(L, u, notpq, x)), + \i x. \u \ Lset(i). u \ B \ + (\rpe \ Lset(i). \rqe \ Lset(i). \andpq \ Lset(i). \notpq \ Lset(i). + fun_apply(##Lset(i), rp, u, rpe) \ fun_apply(##Lset(i), rq, u, rqe) \ + is_and(##Lset(i), rpe, rqe, andpq) \ is_not(##Lset(i), andpq, notpq) \ + u \ list(A) \ pair(##Lset(i), u, notpq, x))]" +apply (unfold is_and_def is_not_def) +apply (intro FOL_reflections function_reflections) +done + +lemma Nand_replacement: + "[|L(A); L(rp); L(rq)|] + ==> strong_replacement + (L, \env z. \rpe[L]. \rqe[L]. \andpq[L]. \notpq[L]. + fun_apply(L,rp,env,rpe) & fun_apply(L,rq,env,rqe) & + is_and(L,rpe,rqe,andpq) & is_not(L,andpq,notpq) & + env \ list(A) & pair(L, env, notpq, z))" +apply (rule strong_replacementI) +apply (rule_tac u="{list(A),B,rp,rq}" + in gen_separation_multi [OF Nand_Reflects], + auto) +apply (rule_tac env="[list(A),B,rp,rq]" in DPow_LsetI) +apply (rule sep_rules is_and_iff_sats is_not_iff_sats | simp)+ +done + + +subsubsection\The \<^term>\Forall\ Case\ + +lemma Forall_Reflects: + "REFLECTS [\x. \u[L]. u \ B \ (\bo[L]. u \ list(A) \ + is_bool_of_o (L, + \a[L]. \co[L]. \rpco[L]. a \ A \ + is_Cons(L,a,u,co) \ fun_apply(L,rp,co,rpco) \ + number1(L,rpco), + bo) \ pair(L,u,bo,x)), + \i x. \u \ Lset(i). u \ B \ (\bo \ Lset(i). u \ list(A) \ + is_bool_of_o (##Lset(i), + \a \ Lset(i). \co \ Lset(i). \rpco \ Lset(i). a \ A \ + is_Cons(##Lset(i),a,u,co) \ fun_apply(##Lset(i),rp,co,rpco) \ + number1(##Lset(i),rpco), + bo) \ pair(##Lset(i),u,bo,x))]" +apply (unfold is_bool_of_o_def) +apply (intro FOL_reflections function_reflections Cons_reflection) +done + +lemma Forall_replacement: + "[|L(A); L(rp)|] + ==> strong_replacement + (L, \env z. \bo[L]. + env \ list(A) & + is_bool_of_o (L, + \a[L]. \co[L]. \rpco[L]. + a\A \ is_Cons(L,a,env,co) \ + fun_apply(L,rp,co,rpco) \ number1(L, rpco), + bo) & + pair(L,env,bo,z))" +apply (rule strong_replacementI) +apply (rule_tac u="{A,list(A),B,rp}" + in gen_separation_multi [OF Forall_Reflects], + auto) +apply (rule_tac env="[A,list(A),B,rp]" in DPow_LsetI) +apply (rule sep_rules is_bool_of_o_iff_sats Cons_iff_sats | simp)+ +done + +subsubsection\The \<^term>\transrec_replacement\ Case\ + +lemma formula_rec_replacement_Reflects: + "REFLECTS [\x. \u[L]. u \ B \ (\y[L]. pair(L, u, y, x) \ + is_wfrec (L, satisfies_MH(L,A), mesa, u, y)), + \i x. \u \ Lset(i). u \ B \ (\y \ Lset(i). pair(##Lset(i), u, y, x) \ + is_wfrec (##Lset(i), satisfies_MH(##Lset(i),A), mesa, u, y))]" +by (intro FOL_reflections function_reflections satisfies_MH_reflection + is_wfrec_reflection) + +lemma formula_rec_replacement: + \ \For the \<^term>\transrec\\ + "[|n \ nat; L(A)|] ==> transrec_replacement(L, satisfies_MH(L,A), n)" +apply (rule L.transrec_replacementI, simp add: L.nat_into_M) +apply (rule strong_replacementI) +apply (rule_tac u="{B,A,n,Memrel(eclose({n}))}" + in gen_separation_multi [OF formula_rec_replacement_Reflects], + auto simp add: L.nat_into_M) +apply (rule_tac env="[B,A,n,Memrel(eclose({n}))]" in DPow_LsetI) +apply (rule sep_rules satisfies_MH_iff_sats is_wfrec_iff_sats | simp)+ +done + + +subsubsection\The Lambda Replacement Case\ + +lemma formula_rec_lambda_replacement_Reflects: + "REFLECTS [\x. \u[L]. u \ B & + mem_formula(L,u) & + (\c[L]. + is_formula_case + (L, satisfies_is_a(L,A), satisfies_is_b(L,A), + satisfies_is_c(L,A,g), satisfies_is_d(L,A,g), + u, c) & + pair(L,u,c,x)), + \i x. \u \ Lset(i). u \ B & mem_formula(##Lset(i),u) & + (\c \ Lset(i). + is_formula_case + (##Lset(i), satisfies_is_a(##Lset(i),A), satisfies_is_b(##Lset(i),A), + satisfies_is_c(##Lset(i),A,g), satisfies_is_d(##Lset(i),A,g), + u, c) & + pair(##Lset(i),u,c,x))]" +by (intro FOL_reflections function_reflections mem_formula_reflection + is_formula_case_reflection satisfies_is_a_reflection + satisfies_is_b_reflection satisfies_is_c_reflection + satisfies_is_d_reflection) + +lemma formula_rec_lambda_replacement: + \ \For the \<^term>\transrec\\ + "[|L(g); L(A)|] ==> + strong_replacement (L, + \x y. mem_formula(L,x) & + (\c[L]. is_formula_case(L, satisfies_is_a(L,A), + satisfies_is_b(L,A), + satisfies_is_c(L,A,g), + satisfies_is_d(L,A,g), x, c) & + pair(L, x, c, y)))" +apply (rule strong_replacementI) +apply (rule_tac u="{B,A,g}" + in gen_separation_multi [OF formula_rec_lambda_replacement_Reflects], + auto) +apply (rule_tac env="[A,g,B]" in DPow_LsetI) +apply (rule sep_rules mem_formula_iff_sats + formula_case_iff_sats satisfies_is_a_iff_sats + satisfies_is_b_iff_sats satisfies_is_c_iff_sats + satisfies_is_d_iff_sats | simp)+ +done + + +subsection\Instantiating \M_satisfies\\ + +lemma M_satisfies_axioms_L: "M_satisfies_axioms(L)" + apply (rule M_satisfies_axioms.intro) + apply (assumption | rule + Member_replacement Equal_replacement + Nand_replacement Forall_replacement + formula_rec_replacement formula_rec_lambda_replacement)+ + done + +theorem M_satisfies_L: "M_satisfies(L)" + apply (rule M_satisfies.intro) + apply (rule M_eclose_L) + apply (rule M_datatypes_L) + apply (rule M_satisfies_axioms_L) + done + +text\Finally: the point of the whole theory!\ +lemmas satisfies_closed = M_satisfies.satisfies_closed [OF M_satisfies_L] + and satisfies_abs = M_satisfies.satisfies_abs [OF M_satisfies_L] + +end